Troubleshooting Network Quarantine
To collect and send information to Tanium for troubleshooting, collect logs and other relevant information.
The information is saved as a compressed ZIP file that you can download with your browser.
- From the Network Quarantine home page, click Help , then click the Troubleshooting tab.
- In the Troubleshooting ZIP File section, Click Download the File.
A networkquarantine-support.zip file downloads to the local download directory.
- Attach the ZIP file to your Tanium Support case form or send it to your TAM.
Tanium Network Quarantine maintains logging information in networkquarantineNN.log files in the \Program Files\Tanium\Tanium Module Server\services\networkquarantine-files directory. A new log file gets created each time the file size reaches 1 MB.
- From the Network Quarantine home page, click Help , then the Troubleshooting tab.
- In the Logging Level section, select the log level that you want to enable.
The audit log contains all of the quarantine and unquarantine actions that occur on the configured NACs.
- From the Network Quarantine menu, click Audit log.
- You can filter the log by specific IP or MAC address, action, NAC name, and so on.
- Click Export to save the current view of the audit log to a CSV file.
When a client connects to ISE with a certificate, ISE remembers that certificate and pins the certificate to the client. If that client then attempts to connect with a different client certificate, the connection is rejected with a SASL:not-authorized error.
- In the ISE UI, go to Administration > pxGrid Services > All Clients.
- Select the user and delete the session.
- In Network Quarantine, start the NAC.
- From the Main menu, click Tanium Solutions.
- In the Tanium Content section, select the Network Quarantine row.
- Click Uninstall Solution. Click Uninstall to complete the process.
Last updated: 5/22/2020 11:22 AM | Feedback