Update Policy States

The Update Policy States service task is responsible for updating a policy's state across all endpoints. This service task is necessary to periodically reconcile any Resultant Set of Policy for endpoints.

Policy updates are usually applied to an endpoint at the next polling interval, but in some cases it may take longer to calculate the new policy and more than one polling interval may pass before the policy is applied to the endpoint. One way this can occur is when a policy has attachments, such as search locations or ignore lists, and these attachments need to be generated. If they have not been generated at the next polling interval, then the Agent makes another request at the next polling interval.

Some policy changes require the Update Policy States Service Task to run, in which case the endpoint does not update until the next time the Update Policy States Service Task is executed.

For example, you would need to run the Update Policy States Service Task in order for the policy to be recalculated if one of the following happened:

An endpoint, or the tag in which it exists, is added to another tag or removed from a tag.
An endpoint, or the tag in which it exists, is removed from a policy.

The Update Policy States Service Task also removes Search Now and Gather Data tasks that have a Current Status of 'Task Executed' from the Endpoint Status Detail Tasks tab.

The Update Policy States Task has the following options:

Field	Description
Information	This text field is used to provide a description of the purpose of the Update Policy States task being created and is only present to help users manage their tasks.
Location	This option only displays if you have chosen to replicate your database prior to installation of the Console, but is disabled for this service task.
Maximum task run time	Specify the amount of time that the service task has to complete. For example, if you set the Maximum task run time to 5 minutes, after 5 minutes has elapsed from the time the service task first executes, the service job stops and its status shows as Aborted. The default setting is indefinitely. The following options are available: Indefinitely - The task runs until completion. Minutes - Set the number of minutes the service task has to complete. If the service task does not complete within the allotted time it aborts. Hours - Set the number of hours the service task has to complete. If the service task does not complete within the allotted time it aborts. Days - Select the number of days the service task has to complete. If the service task does not complete within the allotted time it aborts.

Field

Description

Information

This text field is used to provide a description of the purpose of the Update Policy States task being created and is only present to help users manage their tasks.

Location

This option only displays if you have chosen to replicate your database prior to installation of the Console, but is disabled for this service task.

Maximum task run time

Specify the amount of time that the service task has to complete. For example, if you set the Maximum task run time to 5 minutes, after 5 minutes has elapsed from the time the service task first executes, the service job stops and its status shows as Aborted. The default setting is indefinitely. The following options are available:

Indefinitely - The task runs until completion.
Minutes - Set the number of minutes the service task has to complete. If the service task does not complete within the allotted time it aborts.
Hours - Set the number of hours the service task has to complete. If the service task does not complete within the allotted time it aborts.
Days - Select the number of days the service task has to complete. If the service task does not complete within the allotted time it aborts.

This service task is scheduled by default to run hourly with a new installation of the Console.

Note: If an endpoint has only a single policy applied to it and that policy is removed, the policy settings will still be in effect for that endpoint until the Update Policy States service job is run and the endpoint polls the Console.