Troubleshooting

Collect logs

Collect logs within Integrity Monitor

You must have either an Administrator or Content Administrator role in Integrity Monitor to collect logs.

To collect logs required for troubleshooting

  1. At the top right of the Home page, click the help .
  2. Click the Troubleshooting tab.
  3. Click Collect and then click Download to get the zipped file required by Tanium to assist you with troubleshooting.

Manually collect logs

If you are unable to collect logs within Integrity Monitor or need to collect logs manually:

  1. Log into the machine hosting the Tanium Module Server.
  2. Go to C:\Program Files\Tanium\Tanium Module Server\services\integrity-monitor-service-files and provide the files in this directory to Tanium to assist you with troubleshooting.

Remove Integrity Monitor tools

If needed, you can deploy a pre-configured package to remove Integrity Monitor tools from an endpoint or computer group.

Linux

  1. Using Interact or a Saved Question, run the Integrity Monitor Endpoint Tools Status Sensor and the Is Linux Sensor.
  2. From the Linux endpoints that have Integrity Monitors tools installed, drill down and select the targets.
  3. Deploy the Integrity Monitor Endpoint Tools Removal [Linux]  package to those targets.

Windows

  1. Using Interact or a saved question, run the Integrity Monitor Endpoint Tools Status Sensor and the Is Windows sensor.
  2. From the Windows endpoints that have Integrity Monitor tools installed, drill down and select the targets.
  3. Deploy the Integrity Monitor Endpoint Tools Removal [Windows]  package to those targets.

Specify Diagnostic Settings

  1. To specify minimum log level, at the top right of the Home page, click Help .
  2. Click the Troubleshooting tab.
  3. Select the desired Log Level. The default for this setting is INFO.

Last updated: 9/5/2018 9:53 AM | Feedback