Help Center
News
Help Center
News
Popular
Architecture and High-level Information
Scans
Agents
How to Use Dashboards
How to Use Data Asset Inventory
How to Install\Uninstall and Set Up Spirion Sensitive Data Platform
How to Use Logs
How to Manage Users and Roles
Settings and Resources
Additional Resources
Reports
Reporting API
Customer Support Articles
How to Follow Data Through the Search PipelineEndpoint for Windows Configuration Reference GuideEndpoint Software Command Line InterfaceBasic Troubleshooting Steps (Enterprise Console)Endpoints or Results Fail to be Displayed in the ConsoleMongoDB and TLS 1.3SQL Client SQL Exception ErrorHow to Troubleshoot Spirion Client Search Failures and How to WhitelistCustomer Notice – Spirion Agent Update & Security Assessment for PostgreSQLHow to Enable Verbose/Debug Logging for the Endpoint ServiceHow can I monitor the status of a queue job?Can I monitor the job queue status automatically?Troubleshooting: "Unable to find job queue: search_queue"How to Verify the Discovery Agent's StatusHow to check if port 6433 is open on your networkWhat is the SDM Translator Service?How to Create a Single Tenant App for OneDrive and Exchange Online SearchesHow to Configure Spirion for Sybase DiscoveryHow to Use Certificates to Authenticate with SharePoint OnlineHow to Quarantine to a Remote Location Using Spirion Sensitive Data PlatformA Server Error has Occurred: How to use the Chrome Developer ToolsWhy doesn't my Oracle 19c Database scan?How to Enable Full Disk Access on a Mac AgentWhy is My Scan Node Running Out of Disk Space?What to do about Message Processing and Delays, also known as 'Lag,' in SpirionDetails About the Box API used by Spirion to Search Box AccountsHow to Build a Mac Package (PKG)How to Sanitize AgentsHow to Set User and Role AccessHow to Enable SSL Communication between Linux Agents and the Spirion ConsoleHow to Enable HTTPS for the Spirion ConsoleHow to Search BoxFAQ: How do I avoid being prompted to re-login to the Spirion console?Spirion Sensitive Data Platform Scan PerformanceHow to Authenticate to SharePoint On-PremiseHow to Configure Spirion Sensitive Data Platform to Connect to an Oracle DatabaseFAQ: Linux 12.5 Client Package Build WorkaroundTroubleshoot Exchange Online Using Microsoft Graph ExplorerFAQ: What to do when an agent will not start the discovery team scan?Required SQL Server PermissionsHow to Scan Microsoft Teams with Spirion Sensitive Data PlatformField Input Using Linux Machines Anti-virus Alerts Received during Spirion SearchVersion 13.6 MSI Installation Issues - Exe file not signedWhat are common firewall rules needed for distributed scans?
Release Notes

How to Sanitize Agents

Sanitize agents when Policies are not sent to the agent or when a scan is stuck in a failing state.

Before You Start

Users may want to sanitize agents when:

  • Policies are not arriving to the agent
  • When a scan is stuck in a failing state

How to Sanitize an Agent using PowerShell

  • The easiest way to sanitize an agent is via a PowerShell script
  • Run this script from the Windows PowerShell ISE

How to Manually Sanitize Agents

When running a PowerShell script is not an option, the steps here describe how to manually sanitize an agent:

  1. Navigate to the local agent machine.
  2. Open the Task Manager.
  3. Go the Processes tab.
  4. KILL the following processes by selecting each process and then pressing the Delete key on the keyboard:
    • Identity Finder Endpoint Service (blue arrows in the screenshot below)
    • Identity Finder idfServicesMonitor (blue arrows in the screenshot below)

    • If it is running, Identity Finder Command Line process
    • If there were previous Shipper or RMQ connection issues, KILL the process IdentityFinderService (red arrow in the screenshot above) as well
  1. Open Windows File Explorer.
  2. Navigate to the directory C:\ProgramData\Identity Finder 
  3. DELETE all files in the following directories:
    • Tasks
    • TasksMonitor
    • ScanProgress
    • MCData
    • AdminData
  5. Navigate to the directory C:\ProgramData\Identity Finder\Application\LocalSearch 
  6. Delete the file jobQueueLocal.db.
  7. Navigate to C:\ProgramData\Identity Finder\Application\Console\DistributedSearchInfo 
  8. Delete the file DistributedSearchInfo.db.
  9. Go back to the Task Manager.
  10. Select the "Services" tab.
  11. START the service IdentityFinderEndpointService.
    1. Identity Finder idfServicesMonitor service will start automatically
    2. IF the IdentityFinderService was previously stopped, this service must be restarted manually
  13. Any directories or deleted databases are automatically recreated/regenerated when the service IdentityFinderEndpointService restarts.

*** Unless there are issues shredding temp files, or the directory is full and consuming a lot of memory, there is no need to delete the the directory IDFTmpDir or anything in it, and there is no need to delete anything in the directory boost_interprocess***


Was this article helpful?

Powered by Product Fruits