Do not manually delete any Tanium content that includes "Comply" in the name for any reason. This can cause Comply to stop working correctly.
Due to an expired CIS certificate, all CIS-CAT engines supported by Comply 1.3.2 or older will fail signature validation causing the engine not to run.
To resolve this issue, you must upgrade to Comply 1.3.3 or later. The tools in Comply 1.3.3 provide a work-around for this issue. After deploying these tools, all versions of CIS-CAT will work correctly. Comply 1.3.3 also adds support for CIS-CAT 3.0.43, which contains code signed with a valid certificate.
If you are unable to upgrade Comply, contact your TAM.
You might need to collect a support bundle that includes logs associated with Comply for troubleshooting purposes when working with technical support or your TAM.
You must have the Comply Administrator role to collect the support bundle. For more information about Comply roles, see User role requirements.
- On the Comply Home page, click Help .
- On the Troubleshooting tab, in the Support Request section, click Create Package to download a support bundle of files to provide to your TAM or technical support.
You might need to locate log files on your endpoint or on the Tanium Module Server for troubleshooting purposes when working with technical support or your TAM.
Endpoint log files
Comply log files are created on endpoints at the following path: <Tanium Client>\Tools\Comply\logs
Log files for each scan are keyed by report hash. Only the most recent file is kept.
Tanium Module Server log files
Comply log files are created on the Tanium Module Server at the following path: <Module Server>\services\comply-service\logs
Service log files are found here.
If a JRE encryption key is lost or overwritten, you can recreate the JRE encryption key.
- On the Comply Home page, click Settings .
- On the JRE Encryption Key tab, click Generate Random Key to generate a new JRE encryption key.
- Enter your credentials and click OK.
You can provide your own encryption key; however, as a best practive you should generate a random key.
If you have existing reports on endpoints with an encrypted JRE, those reports must be redeployed. In addition, all existing encrypted deployments must be redeployed so they are updated with the new key.
If you need to uninstall Comply, first clean up the Comply artifacts on endpoints and then uninstall Comply from the server.
Remove Comply content and tools from endpoints
- From the Main menu, click Interact.
- Ask a question to target the endpoints from which you want to remove Comply content and tools. For example, Get Comply - Tools Version from all machines returns all endpoints with the Comply tools installed.
- Select the endpoints from which you want to remove Comply content and tools.
- Click Deploy Action.
- On the Deploy Action page, enter Comply - Remove in the Enter package name here field.
- Select either the Comply - Remove Client Files - Windows or Comply - Remove Client Files - Unix action, as appropriate. For more information, see Tanium Platform User Guide: Managing Scheduled Actions.
- Check Remove ALL Comply files if you want to remove all Comply content and tools or select only the content and tools you want to remove.
- Click Show preview to continue.
- A results grid displays at the bottom of the page showing you the targeted endpoints for your action. If you are satisfied with the results, click Deploy Action.
Remove the Comply solution from the Tanium Module Server
- From the Main menu, click Tanium Solutions.
- In the Comply section, click Uninstall.
- Review the content that will be removed and click Uninstall.
- Depending on your configuration, enter your password or click Yes to start the uninstall process.
- Return to the Tanium Solutions page and verify that the Import button is available for Comply.
Last updated: 1/15/2020 9:33 AM | Feedback