Endpoint Troubleshooting

Endpoint Troubleshooting is the front-end to the real-time aspects of 1E Platform. It lets you interactively ask questions, run actions and view responses. You can also use it to view the connected client devices.

1E Endpoint Troubleshooting features

Endpoint Troubleshooting gives you the ability to investigate, remediate issues and manage operations across all your endpoints in real time. For more information, please refer to Introducing Endpoint Troubleshooting.

Here's an overview of the features available in the Endpoint Troubleshooting application.

Questions, actions and their responses

Endpoint Troubleshooting lets you directly question connected devices to retrieve responses, run actions, and get real-time information from them. The Endpoint Troubleshooting front-end capabilities ensure fast querying, investigation, and remediation.

The questions, responses and actions feature includes:

Graphical display of response information

Instruction impact assessment

Response history.

Note

For more information on Instructions and their responses, please refer to:

Endpoint Troubleshooting Home page, questions, and responses

Question parameters

Instructions

History

Exporting data from 1E Endpoint Troubleshooting

Results visible in Endpoint Troubleshooting can be exported to files containing comma-separated values (CSV) or, in the case of the Export all option on the instruction response page, tab-separated values (TSV), and results can be marked for export at the point of asking a question to automate the process. Endpoint Troubleshooting lets you export the data on a number of pages to CSV files:

Instruction history

Responses - you can export a single page or all results once the Instruction has finished gathering responses - these can then be used for auditing purposes or to drive external programs

Drill-down responses

Device information.

Note

For more information on exporting data from Endpoint Troubleshooting, please refer to:

Exporting data from Endpoint Troubleshooting.

Coverage, question filters, view filters and follow-on instructions

Questions and responses can be tailored to focus on specific ranges of devices through the use of coverage and filters:

Coverage acts first to let you restrict the devices that will be asked a given question

Question filters act before devices have responded to narrow the responses that are sent

View filters act after the responses have been sent to focus the responses presented to the user and to determine the input into the follow-on instructions

The responses to initial questions can be further refined by asking follow-on questions or actions, allowing questioners and actioners to focus in on the results they want to see.

Note

For more information on coverage, question filters, view filters and follow-on instructions, please refer to:

Coverage, question filters, and view filters

Limiting coverage using a Management group - tutorial

Refining responses with follow-up questions

Approval workflow

To enhance the safety of running actions in the 1E system, there is an approval workflow that ensures that every 1E action requires the approval of designated approvers before it can be run. To make it even safer, someone with approval permissions cannot approve their own action.

When an attempt is made to run an action, the 1E approval workflow sends an email and a notification to all the approvers associated with the action. Any of the approvers may approve or reject the request to run the action.

Note

For more information on the Approval workflow, please refer to:

The action approval workflow

Performing an action - tutorial

Authentication

Users must provide their user credentials when attempting to run an action, this prevents unauthorized access by a third party attempting to make use of an unattended computer.

Actions can also be configured to require two-factor authentication. This is where the user attempting to run an action is challenged to enter a unique, one-time authorization code that has been sent to them by an alternative method such as email or a registered mobile.

Note

For more information on authentication, please refer to:

Two-factor authentication

Task-based organization for accessing and scheduling instructions

1E provides a way of accessing the questions and actions that is organized around the way that network administrators typically interact with their network. This interface also lets you run the Instruction using a schedule.

The Endpoint Troubleshooting→Instructions→Tasks page in Endpoint Troubleshooting provides a structured view of the instructions defined in the DEXPack. It also lets you schedule the tasks so they can be run in the future or according to a particular schedule.

Using task groups

The benefit of using Tasks lies in the task group structure that is defined in the DEXPack. It is this structure that enables you to focus in on specific task areas to find the particular instruction that you want.

For example you may be interested in instructions related to particular software vendor's products. Depending on the Instructions that you have uploaded to your 1E system you may see the following structure:

At the top-level there is a Software Vendors task group whose children are 1E and Microsoft.

Underneath the 1E task group there is a 1E group that contains Configuration, Diagnostics and Verification groups as well as a couple of Instructions.

Underneath the Microsoft task group is the Configuration Manager task group containing Instructions related to that product.

Note

For more information on using Task groups to access and schedule Instructions, please refer to:

Tasks

Scheduling instructions

Scheduling instructions - a tutorial

Inventory and connectivity

The Devices page in the Endpoint Troubleshooting shows you all the devices that have connected with 1E and their current connection status. There are two views provided that let you research the devices: the devices table and the devices dashboard, please refer to The Devices Table and The Devices Dashboard for more details.

Note

For more information on inventory and connectivity, please refer to:

Investigating Devices

Using the Devices dashboard - Tutorial