Other versions

Managing scheduled actions

A scheduled action is created when actions are deployed from the Interact results grid. Some Tanium™ content that you import also creates scheduled actions.

Administer scheduled actions

A scheduled action configuration specifies:

  • Package
  • Schedule settings
  • Targeting criteria

A set of scheduled action configuration objects is created when Initial Content is imported during the Tanium™ Server installation. These actions are related to the hygiene of the Tanium environment itself. Additional scheduled action configuration objects may be created when you import additional Tanium content packs and Tanium solution modules.

You use the Scheduled Actions grid to perform administration tasks related to scheduled actions.

To display the Scheduled Actions grid, go to Actions > Scheduled Actions.

When you select a row, red action buttons are displayed above the grid. Given the context of the row selection, only the possible and permitted administration tasks are enabled. For example, the green checkmark in the status column indicates that the action is enabled. When the More menu is expanded, the list includes Disable Action, but not Enable Action. If the status column were to indicate the action is disabled, the More list would include Enable Action but not Disable Action.

Figure  1:  Scheduled Actions page

The following table summarizes the administration tasks.

Table 1:   Scheduled actions administration tasks
Task Guideline
Reissue Displays the Reissue Action page. You can change the name, schedule, and targeting criteria.
Edit Displays the Edit Action page. You can change the schedule and targeting criteria.
Package Status Displays package details. You can use this dialog box to re-download the package if you had encountered issues with an out-of-date package.
Enable/Disable Action Enables/disables the scheduled action.
Change Group Assigns the scheduled action to a new action group. An action group contains one or more computer groups.
Copy Action Copies the scheduled action to a new action group.
Copy Text Copies the grid row data to the clipboard.
Export Exports the configuration details for the selected item as an XML file.
Delete Displays the Delete Action page. You can review the configuration before you delete it.

Manage Action History

The Action History grid displays a chronology of actions that have been initiated, completed, or scheduled.

To display the Action History grid, go to Actions > Action History.

The status column shows the status of the action:

  • Open

    The time window for the action has not expired. The expiration period is the larger result from the following calculations:

    • The package Command Timeout + Download Timeout values
    • The package Command Timeout + the scheduled action Distribute over value

  • Closed

    The time window has expired. If an action is reissued, a new row is added based on the new start time.

  • Stopped

    The action was stopped by an administrator.

You can use data range filters, computer group filters, Text filters, and row sorting to find actions that require administrative action.

When you select a row, red action buttons are displayed above the grid, indicating the administration tasks you can perform related to the record.

Figure  2:  Action History page

The following table summarizes the administration tasks.

Table 2:   Action History administration tasks
Task Guideline
Show Status Display the Action Status page.
Stop Stop the action.
Reissue Display the Reissue Action page. You can change the name, schedule, and targeting criteria.
Copy Copy the grid row data to the clipboard.

The following figure shows the Action Status page.

Figure  3:  Action Status page

The following progress and completion states are reported for the clients:

  • Waiting

    Waiting to download files necessary to start the action.

  • Downloading

    Files necessary to start the action are downloading.

  • Running

    Action is currently executing.

  • Waiting to Retry

    Action will be retried shortly.

  • Completed

    Action has successfully been completed.

  • Expired

    Action did not start or complete within the available time window.

  • Failed

    Action was not successfully completed.

  • Verified

    Action completed and a verification question was used to verify success.

Understand Action ID

Each action deployed to endpoints is assigned an action ID. The ID appears in multiple places in the user interface.

Action ID is a column in the Action History grid.

Figure  4:  Action ID on the Action History page

Action ID appears in the URL of the Action Status page.

Figure  5:  Action ID on the Action Status page

On the Tanium Client, the Action ID is written to the <ClientInstallationFolder>\Downloads\actionstatuses.ast file.

Figure  6:  Action ID in the actionstatuses.ast file

It is also written to the action history log file.

Figure  7:  Action ID on action-history.txt

Typically, you do not need to drill into the status file or action log file on the Tanium Client.

Import/export a scheduled action configuration

We recommend you test scheduled actions in your lab before importing them into your production environment.

Role requirements

Users can export specific scheduled actions for which they have Write Action permission. Users with the Administrator or Content Administrator reserved role can export and import the complete scheduled actions configuration.

Export specific actions

  1. Go to Actions > Scheduled Actions.
  2. Select one or more actions, click More, and select Export.
  3. Enter a file name or use the default and click OK.

Export the complete scheduled actions configuration

  1. From any Authoring page, click the Export to XML link in the top right.
  2. In the Export Content selection box, select the Saved Actions item and click Export.
  3. Enter a file name or use the default and click OK.

Import a configuration

  1. From any Authoring page, click the Import from XML link in the top right.
  2. Browse to and select the configuration file and click Import.

You must use KeyUtility.exe to sign XML files before you import them. You must also copy the public key for the key that signed the XML file to the Tanium Server keys folder. When you import content, the Tanium Server verifies the signature on the imported content against its store of content signing key files. See Signing content XML files.

Last updated: 7/31/2018 5:03 PM | Feedback