Reference: Reveal settings
To access Reveal settings from the Reveal Home page, go to Settings 
and click Settings.
Consult with your Technical Account Manager (TAM) before you edit any settings in Reveal.
Reveal service settings
| Setting | Default value | Description |
|---|---|---|
| Log Level | debug |
The log level for the Reveal service. |
| Enable Sensitive Data Logging | false | Include search details and file paths in audit logs. |
| Rule Publication Interval | 48 hours |
The time interval to automatically deploy rule and rule sets assignments to endpoints. |
| Rule Results Scan Interval | 1800 | The frequency to gather rule results metrics from endpoints. |
| Tools Deployment Distribute Over Time | 1200 seconds | The time period to distribute tools to target endpoints. |
| Tools Deployment Reissue Interval | 3600 seconds |
The frequency to run the action to deploy tools. |
| Process Endpoint Distribute Over Time | 1200 seconds | The time period to distribute indexing packages to target endpoints. |
| Process Endpoint Reissue Interval | 3600 seconds |
The frequency to run the action to index endpoints. |
| Live Connection Max Files | 1000 files | Any files with a MIME type that are not already contained in another category. |
| Live Connection Max Snippets | 1000 snippets | The maximum number of snippets retrieved from a file from an endpoint. |
| Live Connection Page Expiration | 60 minutes | The security setting to expire URLs after the specific period. |
| Live Connection URL Scope | session | The security setting to share connection urls across users, scope them to the user, or to the users current session. |
| Rule Set Profile Distribute Over Time | 1200 seconds | The time period to distribute rule set profiles to target endpoints. |
| Rule Set Profile Reissue Interval | 3600 seconds | The frequency to run the action to deploy rule set profiles. |
| Rules Distribute Over Time | 1200 seconds | The time period to distribute rules to target endpoints. |
| Rules Profile Reissue Interval | 3600 seconds | The frequency to run the action to deploy rules. |
| Validations Deployment Distribute Over Time | 1200 seconds | The time period to distribute validations to target endpoints. |
| Validations Reissue Interval | 3600 seconds | The frequency to run the action to deploy validations. |
| Package File Cache Timeout | 300 seconds | The amount of time to wait for the Tanium Server to cache files for packages. Package and action creation fail if this timeout is exceeded. |
| Package Download Timeout | 1800 seconds | The amount of time to allow for Reveal package to download before timing out. |
Endpoint configuration settings
| Setting | Default value | Description |
|---|---|---|
| Log Level | info |
The log level for Reveal endpoint tools. |
| Path Filter Exclusions | none | Paths to exclude from parsing, in regular expressions. |
| Path Stem Exclusions | none | Path stems to exclude from parsing. |
| Maximum File Batch Size | 100000 files | The maximum files to process per index operation. |
| Maximum Text Content | 1024 KB | The maximum amount of text content to extract per file. |
| Maximum CPU | 3% | The maximum percentage of CPU to use. |
| Maximum Document Per DB Shard | 10000 files | The maximum number of documents per database shard. |
| Maximum Database Size | 1024 MB | The maximum size of the Reveal database. |
| Maximum Size Non-Streamable File Formats | 32768 KB | The maximum size of non-streamable file formats to index. |
| Minimum Available Disk Space | 2048 MB | The minimum amount of available disk space required to start an indexing operation. |
| Context Characters | 100 characters | The number of characters to include on either side of a pattern hit. |
| Tanium Index Max Query Files | 1000 files | The maximum number of files to request from Tanium Index at a time. |
| Max Files on Prune | 10000 files | The maximum number of files to process per prune operation. |
| Minimum Document Frequency | 5 documents | The minimum number of documents required to include a term in the global vocabulary. |
| (Internal) Vocabulary Sampling Exponent | -10 | The vocabulary sampling rate. |
| (Internal) Vocabulary Builder Decimation Coefficient | .5 | The decimation coefficient used by the vocabulary builder. |
Index configuration settings
| Setting | Default value | Description |
|---|---|---|
| Maximum CPU | 3% |
The maximum percentage of CPU that Tanium Index can use. |
| Rescan Interval | 3600 seconds | The frequency that Tanium Index scans. |
| Exclude from Hashing | none | Regex paths to exclude from hashing. |
Last updated: 11/1/2019 1:15 PM | Feedback