Maintaining Endpoint Configuration

Perform monthly maintenance tasks to ensure that Endpoint Configuration successfully performs scheduled activities on all the targeted endpoints and does not overuse endpoint or network resources. If Endpoint Configuration is not performing as expected, you might need to troubleshoot issues or change settings. See Troubleshooting Endpoint Configuration for related procedures.

Review and remediate tools deployment

  1. From the Main menu, go to Administration > Shared Services > Endpoint Configuration.

  2. Review the deployment status of tools:
  3. To troubleshoot deployment issues for tools, see Identify and resolve issues with endpoint tools or client extensions.

Verify whether endpoints have the latest manifest

Verify that endpoints have the latest Endpoint Configuration manifest, which is a file that determines the versions of solution tools to install on endpoints. If endpoints do not have the latest manifest because of action locks or some other issue, the endpoints do not install the latest tool versions.

  1. From the Endpoint Configuration menu, go to the Overview page, and note the Manifest Revision (version) in the Summary section.
  2. Go to the Tanium Home page and ask the following question:

    Get Endpoint Configuration - Manifest Metadata?maxAge=60 and Action Lock Status from all machines

    The manifest changes whenever a configuration or tool change occurs. Therefore, use the maxAge=60 option for the Manifest Metadata sensor to ensure that you retrieve the latest data from endpoints.

    Sort the Question Results grid by Revision to list the versions in descending numerical order, which makes it easier to identify endpoints with an earlier manifest version.

  3. If the Question Results indicate Action Lock Status is on for some endpoints that do not have the latest manifest:

    1. Consult whoever turned on the action locks to verify that it is now safe to run actions on those endpoints.

    2. Disable action locks on the endpoints that require an updated manifest. See Tanium Console User Guide: Turn off action locks. Perform one of the following tasks:
  4. Update the manifest on any endpoints that require an updated version.
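
The triage in steps 2 through 4, applied to an exported Question Results grid, as an added example that is not Tanium code. The CSV layout, the column names, and the On/Off lock values are assumptions, and the sample rows are constructed.

```python
import csv
import io

# Constructed sample export. Column names and lock values are assumptions,
# not a documented Tanium export format.
SAMPLE_EXPORT = """Computer Name,Revision,Action Lock Status
ws-001,42,Off
ws-002,41,On
srv-003,41,Off
srv-004,n/a,Off
mac-005,42,On
"""


def triage_manifest(csv_text, latest_revision):
    """Group endpoints by the follow-up that the procedure calls for.

    latest_revision is the Manifest Revision noted on the Overview page.
    """
    groups = {"current": [], "update": [], "locked": [], "unknown": []}
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = row["Computer Name"].strip()
        lock_on = row["Action Lock Status"].strip().lower() == "on"
        try:
            revision = int(row["Revision"].strip())
        except ValueError:
            # No usable revision reported: investigate before deploying.
            groups["unknown"].append(name)
            continue
        if revision >= latest_revision:
            groups["current"].append(name)
        elif lock_on:
            # Outdated and locked: consult the lock owner first (step 3).
            groups["locked"].append(name)
        else:
            # Outdated and unlocked: ready for the manifest package (step 4).
            groups["update"].append(name)
    return groups


if __name__ == "__main__":
    for group, names in triage_manifest(SAMPLE_EXPORT, 42).items():
        print(f"{group:8} {', '.join(names) or '-'}")
```

An action lock on an endpoint that already has the latest revision (mac-005 in the sample) needs no follow-up for the manifest, so it lands in the current group.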

Update the manifest

Windows and non-Windows endpoints require separate packages to update the manifest. Therefore, perform the following steps for each type of endpoint:

  1. Go to the Tanium Home page and ask the following question:

    Get Endpoint Configuration - Manifest Metadata?maxAge=60 from all machines

  2. Select the endpoints that have an outdated manifest and click Deploy Action.

  3. Select the Deployment Package that matches the target endpoints:
    • Windows endpoints: Endpoint Configuration - Manifest [Windows] (v. <latest_manifest_version>)
    • Non-Windows endpoints: Endpoint Configuration - Manifest [Non-Windows] (v. <latest_manifest_version>)
  4. Configure the remaining action settings and deploy the action. See Tanium Console User Guide: Deploying actions.

If the manifest update fails, investigate environmental factors, such as security exclusions, file locks, CPU usage, RAM usage, and disk failures. Contact Tanium Support for additional help.