Endpoint Groups
A endpoint group is used to group Desktop agents into logical groups that can be used to send out desktop profiles, desktop monitors and browser extension rules.
The desktop agent registers with UXM every time it starts and synchronizes hourly. The agent is automatically placed into matching endpoint groups.
The is a delay before the "Endpoints in group" counter is updated.
- Agent registeres or synchronizes, the groups it's assigned to can be viewed with following SPL:
`getIndexConfidentialData` (source="endpoint.registration" OR "endpoint.synchronization") | rename node_groups{} AS node_groups | table source, host, hostname, node_groups | lookup ux_node_groups_lookup _key AS node_groups OUTPUT name AS node_groups_names
- update_endpoint_groups.py executes hourly at minute 0 and inserts the nodes which where registered or synchronized in the last hour into the corresponding node groups, this is stored in the KVStore ux_node_group_assigned_nodes.
- daily_maintenance.py executes daily and updates the "Endpoints in group" to handle 50.000+ agents.
Overview over endpoint groups and the endpoints in each group.
Editing a endpoint group.
Click "Edit" for a endpoint group to edit it, a new window till popup, where you can edit the configuration.
Adding rules to a endpoint group.
Depending on whether you want to define a rule for IP, name or location, you should choose the corresponding option:
In this example we are making a name rule, hence the "Auto discover rules:" is set to "Add name rule"
Each rule is setup in a OR structure, so only 1 of the rules in the group have to match.
An example of the or structure could be:
<if
rule equal X
or
rule equal Y
or
rule equal Z
or
...>
You can view the agents (endpoints) that matched and are placed into each group by clicking “View endpoints in group”.
Viewing all endpoints connected to a group.
Here you can see which endpoints are grouped together into a endpoint group.
*Read more about endpoints here.