Troubleshooting Asset

To collect and send information to Tanium for troubleshooting, collect log and other relevant information.

Collect logs

The information is saved as a compressed ZIP file that you can download with your browser.

  1. From the Asset home page, click Help .
  2. Collect the troubleshooting package. Click Collect. To collect additional information Postgres table statistics that includes information bad tuples, live, last vacuum, and so on, select Collect additional detailed information. When the ZIP file is ready, you can download the tanium-asset-support-[timestamp].zip file to your local download directory.
  3. Attach the ZIP file to your Tanium Support case form or send it to your TAM.

In the ZIP file, you can view the following information: 

  • postgresql-xx.log : Contains Postgres log file.
  • info directory: Contains CSV files for Asset configurations, including attribute configurations, destinations, permissions, and so on. If you click Collect Detailed, CSV files for postgres statistics (pg-stats.csv, pg-table-stats.csv, and pg-index-stats.csv) are also created.
  • job directory: Contains logs for the data imports and exports.

Update service account log level

  1. From the Asset home page, click Settings , then the Advanced tab.
  2. Change the Service Account Log Level.
  3. Click Save.

Troubleshoot asset data exports and imports

View status of imports and exports

On the Asset home page, you can view a timeline of the recent imports and exports. The timeline contains each import, with one of the following statuses: 

  • : Scheduled
  • : Running
  • : Successful
  • : Error

View import and export logs

In the ZIP file that you download from the Help section, you can view logs for the data imports and exports. These logs are in the job directory:

ServiceNow exports

ServiceNow export logs are named with the following format: job/date_time_job#_servicenow_config#.log. If you enable Trace level logging on your ServiceNow configuration, numbered subdirectories, for example job/65, are created that contain all of the POST and GET requests for that job. See Add ServiceNow as a destination for more information about configuring logging.

Asset data imports

You can use these logs to view details about the scheduled runs that are occurring to import asset data from Tanium into your Asset database. Tanium data import logs are named with the following format: job/date_time_job#_tanium_1.log. For data you are importing from a database, import logs are named with the following format: job/date_time_job#_database_1.log. To change the log level for imports, see Configuring sources.

Disable imports and exports

Data imports and exports run on a configured schedule by default. You can disable this schedule to resolve issues, or run the import or export manually.

  1. From the Asset menu, go to Inventory Management > Schedules.
  2. Hover over the import or export schedule that you want to disable and click Edit .
  3. Clear the Run this connection on a defined schedule setting. Click Update.
  4. If you want to manually run an import or export, go to the Inventory Management > Schedules page. Hover over the import or export schedule and click Run Now.

Fix Error: MULTIPLE_DUPLICATE_RECORDS error message in ServiceNow log file

If you see an Error: MULTIPLE_DUPLICATE_RECORDS error message in the ServiceNow log file, contact your TAM to verify that the ServiceNow export mapping configuration is configured correctly.

  1. From the Asset menu, click Inventory Management > Destinations.
  2. Click Edit next to the destination.
  3. In the ServiceNow Export Mapping section, add the following property to the cmdb_ci_computer mapping:
    identificationFields: [
      [
        "name",
        "serial_number"
      ]
    ],
  4. Click Update.

Remove unneeded data from the Asset database

Delete assets

You can remove assets from your asset database. In a report that shows the assets you want to remove, select the rows and click Delete.

If the asset you deleted responds to the Asset saved questions in a subsequent load, the asset is re-added to the database.

Configure data retention and vacuuming

You can configure data retention and automatic vacuuming on the Asset database.

  1. From the Asset home page, click Settings , then the Advanced tab.
    • To purge stale assets that have not been seen by Asset from the database, enable Purge Stale Assets. Then, indicate the age of stale data to remove. The minimum number is seven days.
    • To adjust the trigger and amount of work done during automatic vacuuming, adjust the Cost Limit and Scale Factor values. The Postgres VACUUM operation reclaims storage that is occupied by dead tuples. By default, the database is vacuumed when 1% of tuples are considered dead, and the cost limit (amount of work per vacuum cycle) is set to 1000.
  2. Click Save.

Uninstall Asset

  1. From the Main menu, click Tanium Solutions. Under Asset, click Uninstall. Click Proceed with Uninstall to complete the process.
  2. Remove Asset Tools from your endpoints. To see which endpoints have the file evidence tools installed, ask the question: Get Asset File Evidence Status from all machines. If you want to clean the artifacts from your endpoints, contact your TAM.
  3. A backup asset-files folder gets created as part of the uninstall process. You can keep or delete this folder. If any other Asset artifacts remain on your Module Server, contact your TAM.
  4. Remove Asset saved questions. You can remove saved questions that meet all the following conditions: 
    • Owned by the service account you configured for Asset
    • AND the name of the saved question starts with Asset
    • AND is in the Asset content set
  5. Remove Asset scheduled actions. Delete the Asset Deploy Collect Active Directory Info scheduled action that is created by the service account and running the Asset Collect Active Directory Info package.
  6. Remove Asset action group. After the action group is empty, you can delete the Tanium Asset action group.

Last updated: 9/3/2019 1:42 PM | Feedback