You can use computer groups:
- To set "management group rights" that determine visibility of endpoints to the logged in user.
- As a filter on the results grid.
- As the building blocks of the action groups that are used to deploy scheduled actions and one-time actions.
You must be assigned a role with the Write Computer Group (Micro Admin) permission to create, modify, or delete computer group configurations. To create or modify the configuration, you also need the Read Sensor permission on the Reserved content set. The Reserved content set includes content used to ask preview questions. Users that are assigned the Administrator or Content Administrator reserved roles have these permissions.
You can define groups in two ways:
Recommended. Based on results of a filter, such as Windows OS Type containing "server".
Not recommended. Based on a specified list of computer names or IP addresses.
We strongly recommend you define computer groups using filters whenever possible. Manual groups cannot be modified. To make a change to a manual group, you must create a new configuration and then update any other configuration that referenced it, like action groups, scheduled actions, and dashboards. There are also issues if you try to use manual groups with a Zone Server or Tanium Patch™ 2.0.
Historically, customers have used manual groups for computers that require special handling, like critical servers or executive laptops. However, manual groups can be difficult to manage and are not compatible with some Tanium components and solutions. You can meet the same objectives with filter-based computer groups based on a static custom tag, such as Critical_Servers.
Here is the basic workflow:
- Use Interact to target the computers you want to tag.
- From the results grid, deploy an action. Select the Custom Tagging - Add Tags package. In this example, the tag Critical_Servers is applied.
- Use Interact to ask a question and confirm the tag has been applied.
- Create a filter-based computer group based on the tag.
Last updated: 2/20/2018 3:46 PM | Feedback