Other versions

Using action groups

You use action groups to create targets for scheduled actions.

In 7.1 and later, the default definition for the action group named Default includes the wildcard group named No Computers. This means that actions that are configured to target the default action group have no impact.

In previous releases, the action group named Default included the wildcard group named All Computers. The previous behavior enabled many core Taniumâ„¢ Initial Content packages to get pushed to a wide set of endpoints. We made the change to force users to manage action groups before actions can be issued to Tanium Clients.

Best practices

Move Tanium actions to their own group

The Tanium Initial Content and Client Maintenance content packs and other Tanium solutions include scheduled actions to ensure the endpoints have the tools needed to perform the functions in the sensors and packages deployed. These scheduled action need to be reissued to all machines to catch any new machines that do not have Tanium installed, machines that were rebuilt or had Tanium uninstalled, or virtual desktop infrastructure (VDI) machines that refresh on a regular basis.

After the initial deployment, create an action group that includes All Computers, and move the Initial Content and Client Maintenance scheduled actions to this new group.

Define specific use for each action group

Action groups comprise one or more computer groups. You can create an action group for a particular event and add computer groups over time: first a "test" group, then "OS type" groups or "region" groups.

Limit access to edit action groups

Coordinate changes you make to the action groups configuration with all affected administrators. It is possible that an administrator has configured scheduled actions that target the set of computers that belong to the action group as it existed when the scheduled action was last configured.

Procedures

Only users assigned the Administrator reserved roles can create, modify, or delete action group configurations.

Create an action group

  1. Go to Actions > Scheduled Actions.
  2. Click New Group to display the configuration page.
  3. Specify a name, select a visibility option, and select computer groups. You can combine the sets of computers using a Boolean AND or Boolean OR.
  4. Click Save.

Edit an action group

  1. Go to Actions > Scheduled Actions.
  2. Select the action group in the left menu.

    The console displays the group details in the right pane.

  3. Click Edit to display the configuration page.

Change the action group associated with an Action

  1. Go to Actions > Scheduled Actions.
  2. Click a row in the grid to select the action you want to change.
  3. Click More and select Change Group.
  4. Select the action group and click Confirm.

Delete an action group

  1. Go to Actions > Scheduled Actions.
  2. Select the action group in the left menu.
  3. Click the delete icon .

    If the action group has existing scheduled actions, you are prompted to migrate them to one of the remaining action groups.

  4. Use the Migrate existing scheduled actions to below selected action group drop-down list to select a new action group.
  5. Click the Delete button.

Last updated: 10/22/2018 2:37 PM | Feedback