Reference: Reveal settings
To access Reveal settings from the Reveal Home page, go to Settings 
and click Settings.
Consult with your Technical Account Manager (TAM) before you edit any settings in Reveal.
Reveal service settings
| Setting | Default value | Description |
|---|---|---|
| Log Level | info |
The log level for the Reveal service. |
| Enable Sensitive Data Logging | false | Include search details and file paths in audit logs. |
| Rule Publication Interval | 12 hours |
The time interval to automatically deploy rule and rule sets assignments to endpoints. |
| Validation Publication Interval | 30 minutes | The time interval to automatically deploy pending validations. |
| Rule Results Scan Interval | 1800 seconds | The frequency to gather rule results metrics from endpoints. |
| Tools Deployment Distribute Over Time | 1200 seconds | The time period to distribute tools to target endpoints. |
| Tools Deployment Reissue Interval | 3600 seconds |
The frequency to run the action to deploy tools. |
| Process Endpoint Distribute Over Time | 1200 seconds | The time period to distribute indexing packages to target endpoints. |
| Process Endpoint Reissue Interval | 3600 seconds |
The frequency to run the action to index endpoints. |
| Live Connection Max Files | 1000 files | Any files with a MIME type that are not already contained in another category. |
| Live Connection Max Snippets | 1000 snippets | The maximum number of snippets retrieved from a file from an endpoint. |
| Live Connection Page Expiration | 60 minutes | The security setting to expire URLs after the specific period. |
| Live Connection URL Scope | session | The security setting to share connection urls across users, scope them to the user, or to the users current session. |
| Rule Set Profile Distribute Over Time | 1200 seconds | The time period to distribute rule set profiles to target endpoints. |
| Rule Set Profile Reissue Interval | 3600 seconds | The frequency to run the action to deploy rule set profiles. |
| Rules Distribute Over Time | 1200 seconds | The time period to distribute rules to target endpoints. |
| Rules Profile Reissue Interval | 3600 seconds | The frequency to run the action to deploy rules. |
| Validations Deployment Distribute Over Time | 1200 seconds | The time period to distribute validations to target endpoints. |
| Validations Reissue Interval | 3600 seconds | The frequency to run the action to deploy validations. |
| Package File Cache Timeout | 300 seconds | The amount of time to wait for the Tanium Server to cache files for packages. Package and action creation fail if this timeout is exceeded. |
| Package Download Timeout | 1800 seconds | The amount of time to allow for Reveal package to download before timing out. |
| Time Sync Frequency | 10 minutes | How frequently to send out a time sync package. |
| Time Sync Distribute Over Time | 1200 seconds | The time period to distribute the time sync to target endpoints. |
| Vocabulary Sampling Interval | 600 seconds | The time period between when vocabulary sampling questions are sent out. |
| Decimation Schedule Automatic Deployment Interval | 48 hours | How frequently the decimation schedule gets recreated. |
| Decimation Schedule Expiration Period | 7 days | How long a decimation schedule is valid. |
| Global Vocabulary Decimation Threshold | 50 percent | Global completion percentage to reach before decimating the global vocabulary. |
| Decimation Scheduler Horizon | 21 days | How far into the future the decimation scheduler will attempt to predict. |
| Decimation Scheduler Growth Factor Gain | 1 percent | Determines how much effect each sampling status has on the growth factor. |
| Decimation Scheduler Deploy Frequency | 24 hours | The maximum amount of time allowed to pass before a new decimation schedule is deployed. |
| Decimation Scheduler Distribute Over Time | 1200 seconds | The time period to distribute decimation scheduler to endpoints. |
| Decimation Schedule Reissue Interval | 3600 seconds | How frequently the action to deploy the decimation schedule runs. |
Endpoint configuration settings
| Setting | Default value | Description |
|---|---|---|
| Log Level | info |
The log level for Reveal endpoint tools. |
| Path Filter Exclusions | none | Paths to exclude from parsing in regular expression format. For example: .*\.docx filters any files that end with the .docx file extension. |
| Path Stem Exclusions | none | Path stems represent absolute paths to exclude from parsing. For example: C:\Program Files (x86)\Tanium\Tanium Client\ filters all content under Tanium Client. |
| Maximum File Batch Size | 100000 files | The maximum files to process per index operation. |
| Maximum Text Content | 1024 KB | The maximum amount of text content to extract per file. |
| Maximum CPU | 3% | The maximum percentage of CPU to use. |
| Maximum Document Per DB Shard | 10000 files | The maximum number of documents per database shard. |
| Maximum Database Size | 1024 MB | The maximum size of the Reveal database. |
| Maximum Size Non-Streamable File Formats | 32768 KB | The maximum size of non-streamable file formats to index. |
| Minimum Available Disk Space | 2048 MB | The minimum amount of available disk space required to start an indexing operation. |
| Context Characters | 100 characters | The number of characters to include on either side of a pattern hit. |
| Tanium Index Max Query Files | 1000 files | The maximum number of files to request from Tanium Index at a time. |
| Max Files on Prune | 10000 files | The maximum number of files to process per prune operation. |
| Minimum Document Frequency | 5 documents | The minimum number of documents required to include a term in the global vocabulary. |
| (Internal) Vocabulary Sampling Exponent | -10 | The vocabulary sampling rate. |
| (Internal) Vocabulary Builder Decimation Coefficient | .5 | The decimation coefficient used by the vocabulary builder. |
Index configuration settings
| Setting | Default value | Description |
|---|---|---|
| Maximum CPU | 3% |
The maximum percentage of CPU that Tanium Index can use. |
| Rescan Interval | 3600 seconds | The frequency that Tanium Index scans. |
| Exclude from Hashing | none | Regex paths to exclude from hashing. |
Last updated: 6/30/2020 3:28 PM | Feedback