Troubleshooting Deploy

Review troubleshooting tasks for common problems.

If Deploy is not performing as expected, you might need to do some troubleshooting or change settings. You can also contact your TAM for assistance.

Collect a troubleshooting package

For your own review or to assist support, you can compile Deploy logs and files that are relevant for troubleshooting.

  1. Get the Deploy log.
    1. From the Deploy Home page, click Help .
    2. Click the Support tab and click Collect.
    3. When the Status: is updated, click Download.

    The log zip file might take a few moments to download. The files have a timestamp with a deploy-support-YYYY-MM-DDTHH-MM-SS.mmmZ  format.

  2. (Optional) On the endpoint, copy the Tanium\Tanium Client\Tools\SoftwareManagement folder.
  3. (Optional) View status and logs for recent Deploy service jobs.
    1. On the Support tab, click View Job Status.
    2. In the Job Detail window, click Download Logs to download a job-logs.txt file with more details about recent jobs.

    You can also click Show Details and Download Logs from the Initialize Endpoints step of the Configure Deploy section on the Deploy Home page for details about the most recent endpoint initialization. If the Configure Deploy section is not visible on the Deploy Home page, click Manage Home Page, select Configure Deploy, and click Save.

End user notifications are not displayed

End user notifications are supported for Windows endpoints only. If end user notifications are not being displayed on the endpoints:

  1. Verify that the Tanium End-User Notifications solution is installed. For more information, see Tanium End-User Notifications User Guide: Installing End-User Notifications.
  2. Ask the question: Get End-User Notifications - Has Tools from all machines to check if your endpoints have the end user notification tools.
  3. Verify Contact your technical account manager (TAM) to verify that any security software exclusions include the \Tanium\Tanium End User Notification Tools directory. For more information, see Security exclusions.

No applicability information for software packages

Software package applicability is calculated on the endpoints by using the applicability rules in the package definition, which is stored in the software package catalog and distributed to the endpoints.

If the applicability information for software packages is not available:

  1. Verify that the Deploy process is running on the target endpoint.
    1. Ask the question: Get Deploy - Is Process Running from all machines
    2. Check locally for the \Tanium\Tanium Client\python27\TPython.exe file on the endpoint
  2. Verify that the \Tanium\Tanium Client\Tools\SoftwareManagement\software-package-catalog.json file is present and updated.
  3. Verify that the \Tanium\Tanium Client\Tools\SoftwareManagement\settings.json file is present and updated.
  4. Review the \Tanium\Tanium Client\Tools\SoftwareManagement\software-package-applicability.json file to verify the package id, applicability, and updatedAt values. If the package id is not present, a new scan might not have occurred, or the software package catalog might be out of date. When a new software package catalog file is received, the scan should happen within a few minutes.
  5. Load the saved question: Deploy - Software Packages Applicability 0 to display the package id and the applicability state of the first 200 packages. This saved question runs on a schedule that is defined by the Deploy service. Review Deploy settings to adjust these settings as needed.
    1. From the Main menu, click Console > Saved Questions.
    2. Select the Deploy - Software Packages Applicability 0 row and click Load.

No software in the Packages Gallery page

After you import Deploy 1.1 or later, you must Configure service account and Initialize Deploy endpoints again. After the endpoints are initialized, it might take up to one hour to see the software in the Packages Gallery page. You can also restart the Tanium Deploy service to reduce this time constraint.

If you still do not see any software in the Packages Gallery page:

  1. From the Main menu, click Content > Packages.
  2. Search for the Deploy - Software Package Gallery package.
  3. Verify that this package is cached.
    1. Verify that the Size column does not list Pending.
    2. If the size stays at Pending for more than one hour, contact your TAM for assistance.
  4. Check to see if the Tanium Deploy service is attempting to gather the Deploy package gallery file.
    1. Collect a troubleshooting package.
    2. Open the downloaded support bundle and open the deploy-files\logs\Deploy.log file.
    3. Search for Ensuring software package gallery zip package.
    4. If the Deploy.log file does not have that text, Configure service account again, wait 10-15 minutes, and then repeat the previous steps to recheck the log file.
  5. If you still do not see any software in the Packages Gallery page after completing the previous steps, contact your TAM for assistance.

Uninstall Deploy

Use only this procedure to uninstall Deploy.

If you need to uninstall Deploy, first clean up the Deploy artifacts on the endpoint, then uninstall Deploy from the server, and then remove Deploy data directories and files from the server.

Delete Deploy actions

  1. Go to Actions > Scheduled Actions.
  2. Click Action Groups and then choose Tanium Deploy.
  3. Select all of the Deploy actions, click More, and choose Delete Actions.

Remove deployment artifacts from endpoints

  1. Use Interact to target endpoints. To get a list of endpoints that have Deploy tools installed, ask the Get Deploy - Tools Version from all machines question.
  2. In the results grid, choose an item and click Deploy Action.
  3. Click Deployment Package, choose Deploy - Remove Tools [operating system], and select Remove saved data.
  4. Schedule the deployment to reissue periodically and set an end date. This action removes data from endpoints that come online later.
  5. Choose the action group to target with the deployment, preview the deployment, and then click Deploy Action.
  6. Repeat these steps for each operating system package that is installed.

Remove Deploy from the Tanium Module Server

  1. From the Main menu, click Tanium Solutions.
  2. In the Deploy section, click Uninstall and follow the process.
  3. Click Proceed with Uninstall.
  4. The uninstaller disables any actions and reissues saved questions.
  5. Return to the Tanium Solutions page and verify that the Import button is available for Deploy.

    If the Deploy module has not updated in the console, refresh your browser.

Remove packages

  1. From the Main menu, click Content>Packages.
  2. In the Content Set column, filter on values that contain Deploy.
  3. Retain the Deploy - Remove Tools packages, and select and delete all of the other packages.
  4. Confirm the action.

(Optional) Remove data directories and files

To permanently remove all Deploy data from the Tanium Module Server, manually delete the following directories and files. If you later import the Deploy solution, the previous data is not restored.

Windows:

  • \Program Files\Tanium\Tanium Module Server\services\deploy-files\
  • \Program Files\Tanium\Tanium Module Server\services\deploy-service\
  • \Program Files\Tanium\Tanium Module Server\temp\deploy-service\
  • \Program Files\Tanium\Tanium Module Server\temp\deploy-service-invoker\
  • \Program Files\Tanium\Tanium Module Server\temp\deploy-service-proxy\
  • \Program Files\Tanium\Tanium Module Server\temp\deploy-*.bak

TanOS:

This action requires access to the unrestricted shell. For more information, including how to request a shell key from your TAM, see Tanium Appliance Deployment Guide: Examine OS processes and files.

  • /opt/Tanium/TaniumModuleServer/deploy-files
  • /opt/Tanium/TaniumModuleServer/deploy-service
  • /opt/Tanium/TaniumModuleServer/temp/deploy-*.bak