Endpoint Groups
An Endpoint Group is used to group Desktop Agents into logical groups that can be used to send out desktop profiles, desktop monitors and browser extension rules.
The Desktop Agent registers with UXM every time it starts and synchronizes hourly. The agent is automatically placed into matching endpoint groups. There is a delay before the "Endpoints in group" counter is updated.
- Agent registeres or synchronizes, the groups it's assigned to can be viewed with following SPL:
`getIndexConfidentialData` (source="endpoint.registration" OR "endpoint.synchronization")
| rename node\_groups{} AS node\_groups | table source, host, hostname, node\_groups
| lookup ux\_node\_groups\_lookup \_key AS node\_groups OUTPUT name AS node\_groups\_names
- update_endpoint_groups.py executes hourly at minute 0 and inserts the nodes which where registered or synchronized in the last hour into the corresponding node groups, this is stored in the KVStore ux_node_group_assigned_nodes.
- daily_maintenance.py executes daily and updates the "Endpoints in group" to handle 50,000+ agents.
Accessing
Using the dropdown menu, navigate to Administration -> UXM Desktop Agent -> Endpoint Groups.
Edit Endpoint Group
Click "Edit" for a endpoint group to edit it, a new window till popup, where you can edit the configuration.
Adding Rules to Endpoint Group
Depending on whether you want to define a rule for IP, Hostname or Country, you should choose the corresponding option.
Example
In this example we are making a name rule, hence the "Auto discover rules" is set to "Add name rule". Each rule is setup in a OR structure, so only 1 of the rules in the group have to match.
<*if
rule equal X*
*or*
*rule equal Y*
*or*
*rule equal Z*
*or*
*...*>
You can view the agents (endpoints) that matched and are placed into each group by clicking “View endpoints in group”.
View All Endpoints Connected to a Group
Here you can see which endpoints are grouped together into a endpoint group. Read more about endpoints here.
