Overview
A healthy environment is one in which active endpoints connect to the CrashPlan cloud to report status and back up data. There are several tools available to help you identify devices that may need attention. This article describes how you can use these tools to maintain and improve your CrashPlan environment health.
Environment health monitoring tools
Users and Devices
Both the Users list and Devices list allow you to quickly view either active or deactivated users and devices: just click the appropriate tab. You can use this information to determine whether a user or device should be deactivated because that user is no longer with your organization or that device has been replaced.
Users and devices involved in legal holds cannot be deactivated
Users that are custodians of a legal hold (and their associated devices) cannot be deactivated in the CrashPlan console. These users and devices are included in active totals, even if those users are no longer with your organization.
Work with your Legal department to identify users that are involved in a legal hold, and remember to account for these users and their devices when reviewing the totals in active users and devices lists.
The User details screen lists all devices associated with a user. Click a device name to open the Device details screen for that device. Both screens display a progress bar that indicates the health of that device:
- Green: The device has sent data to the CrashPlan cloud within the past three days.
- Yellow: Indicates a warning state, meaning that the device hasn't sent any new data to the CrashPlan cloud in three days.
- Red: Indicates a critical state, meaning that the device hasn't sent any new data to the CrashPlan cloud in seven days (or longer).
In addition, statistics displayed throughout the CrashPlan console can help you identify devices that may need attention:
- In the Devices list, the Last Backup Activity column displays the amount of time that has elapsed since the device last sent data to CrashPlan.
- On the Device details screen, Authority Connection indicates whether the device is Online (and authenticated with the CrashPlan cloud) or Offline. Offline does not necessarily indicate a problem with that device as users may be on vacation or extended leave and not actively using it.
- On the Device details screen, Last Activity displays the time elapsed since the device last sent backup data to CrashPlan. If there hasn't been activity for multiple days:
- Verify that the computer has been turned on and connected to the Internet.
- Access the client device to verify that it’s connected to the CrashPlan cloud and is operational.
- Run a network connection test over port 4287 to the destination's IP address to verify connectivity.
- On the Device details screen, Completed represents the time elapsed since the device reached 100% backed up. If this shows that the last 100% backup happened many days or weeks ago, the device is likely sending new files, but a small number of files may be locked and preventing backup. To troubleshoot these situations, follow these articles:
Device Status report
Use the Device Status report to gather information about the devices in your CrashPlan environment. You can use this report to:
- Identify devices with abnormally small archives (such as 10 MB or less), which may indicate installation or deployment errors that prevent those devices from sending data to the CrashPlan cloud.
- Verify the version of the CrashPlan app installed on devices to determine which may need to be upgraded.
- List devices by the date and time they last sent data to the CrashPlan cloud. This can help you identify those that have not connected in some time.
- List devices by the date and time they last completed a backup. This can help you identify devices with locked files or other issues that are preventing backup.
For more information, see CrashPlan device status report use cases.
Email warnings
The CrashPlan cloud sends out warning emails if a device hasn't sent data to any backup destinations after a certain time period. The default is to send a warning message after three days and a critical message after five days. A warning email indicates that further investigation is needed.
You can configure the number of days that trigger either warning or critical emails in the organization Reporting settings.
CrashPlan API
The CrashPlan APIs give you comprehensive access to information about your environment. You can use them to query for details about users and devices, to integrate with other systems and monitoring tools you use, or to automate tasks or responses. Pay special attention to the following APIs:
- Device: List all devices in your environment sorted by the date and time they last connected to the CrashPlan cloud.
- User: Identify the users in your environment who are active, inactive, or blocked, and can list all of the devices owned by specific users.
- Legal Hold: Identify the users who are associated with active investigations. From this information, you can identify devices that may need to be preserved until the investigation completes.
For help using the CrashPlan API, contact your Customer Success Manager (CSM). If you do not know your CSM, please contact our technical support team.
Actions to improve environment health
Ensure devices are up-to-date
When a device is running an outdated version of the CrashPlan app, it may not be reporting all file activity efficiently. Use the tools in the CrashPlan console, CrashPlan API, or CrashPlan CLI to identify devices that aren't running the current version of the CrashPlan app.
To troubleshoot device updates:
- Verify that those devices are still in use and can connect to the CrashPlan cloud. Deactivate devices that are no longer used to connect to CrashPlan.
- Verify that devices are using current deployment policy properties, scripts, and tokens. If the CrashPlan app is deployed to a device with incorrect properties, initial installation may not have completed successfully (and thus, subsequent upgrades cannot complete either). Ensure that the scripts used to associate a username with a device are correct and use the appropriate commands and arguments for the operating system. Generate a new token as needed.
- If needed, uninstall and reinstall the CrashPlan app to resolve issues with upgrading.
Troubleshoot connection issues
If a user's device is unable to connect to the CrashPlan cloud, CrashPlan cannot accurately report statistics regarding backup completions occurring on that endpoint.
Causes
The most common reasons that a device cannot connect to the CrashPlan cloud include:
- The user is on extended leave, and his or her endpoint is powered off or is not actively in use.
- The user has left the organization but has not been deactivated.
- The user has received a new device and no longer needs to use the previous endpoint.
- Other applications installed on the device are interfering with connectivity.
- Communication between the CrashPlan app installed on the device and the CrashPlan cloud is blocked.
- The user has uninstalled the CrashPlan app or has stopped the CrashPlan service.
- An administrator is using deep packet inspection to examine traffic from devices to the CrashPlan cloud.
- Mac devices don't have full disk access, or the .mobileconfig file deployed to the device isn't set up correctly.
Solutions
To resolve device connectivity issues, take the following actions:
- If employees have access to the CrashPlan app, verify that the employee is able to connect to backup destinations and the CrashPlan service. Make sure that all backup destinations are available. Use the status messages displayed in the CrashPlan app to help diagnose any issues.
- Verify employee status with managers or your organization's Human Resources department. Remember that users who are custodians of legal holds cannot be deactivated.
- Deactivate devices that are no longer used to connect to CrashPlan.
- Verify that employees use the replace device wizard to associate their previous device's backup archive with their new device and prevent backups from starting over.
- Verify that you have created exceptions for CrashPlan in any antivirus, security, or endpoint detection and response (EDR) applications your organization uses, and that those exception are valid and working correctly.
- Verify that the IP addresses and ports used by CrashPlan are open and that there is no deep packet inspection on CrashPlan traffic on port 4287. Verify that network traffic settings are optimized for where your employees work.
- Deploy the CrashPlan app so that it cannot be uninstalled.
- Disable client visibility on user devices or deploy the CrashPlan app using the DEVICE_CLOAKED argument in deployment scripts.
- Use Jamf's Privacy Preferences Policy Control (PPPC) Utility to create and deploy a .mobileconfig file to the Mac devices in your environment to grant these devices full disk access. When creating this file, verify that the settings are correct for your organization:
- In Properties, all areas you want to monitor are selected.
- In Apple Events, all web browsers you want to monitor for uploads are selected.
- In System Extensions, the CrashPlan app team identifier and system extension are correct.
Troubleshoot backup issues
Even though an endpoint may be able to connect to the CrashPlan cloud, it may not be able to successfully complete a backup.
Causes
The most common reasons that a device cannot complete a backup include the following:
- The file selection is incorrect.
- The file selection may include files that are constantly changing (such as log files).
- The file selection may include temporary files that no longer exist at the next backup session.
- Files are locked, or the CrashPlan app doesn't have the correct permissions to back up those files.
- Users may have paused backups.
- If CPU throttling is restricted, the CrashPlan app may not have the CPU resources required to complete a backup.
- If network throttling is restricted (either in the CrashPlan app or by your organization's network settings), the CrashPlan app may not have enough bandwidth to send the backup data.
- The frequency between backup sessions is too short when compared to the size of the backup set, making the CrashPlan app unable to complete a backup before the next backup begins.
Solutions
To resolve device backup issues, take these actions:
- If employees have access to the CrashPlan app, verify that the employee is able to connect to backup destinations and the CrashPlan service. Make sure that all backup destinations are available. Use the status messages displayed in the CrashPlan app to help diagnose any issues.
- Verify that the file selection is correct. After verifying the backup set, review the device backup history log for files that aren't backed up and adjust file exclusions to exclude temporary files or files that are constantly being updated.
- Verify that the CrashPlan app has the necessary permissions (especially for Mac devices).
- Ask employees to restart backups. If needed, you can disable users' ability to pause backups.
- Increase the amount of CPU processing available for backup activity.
- Increase the network bandwidth available for backup activity. You can update network settings in the CrashPlan console to address CrashPlan app network usage.
- If the employee is backing up large files that frequently change, consider updating the backup frequency setting to allow more time between backup sessions.
Resolve devices with invalid archives
Generally, a device demonstrates that it can successfully connect to and send data to the CrashPlan cloud when it has an archive that is larger than 10 MB. Devices with archives smaller than 10 MB likely have issues that need attention.
- The user home directory for that device may be incorrect, which may interfere with the device sending backup data at all. You can reset a device's home directory with the
agent.userhome
command in the CrashPlan console's command-line interface. - The file selection is incorrect and thus the device isn't sending backup data as expected. To resolve file selection issues:
- Verify that file exclusions are entered correctly.
- Verify the capitalization used in the file selection matches file paths and file names.
- Clear the device's cache.
- One (or more) Mac devices may not have full disk access.
Use the Device Status report to list devices with archives smaller than 10 MB for investigation.
Deactivate unneeded users and unused devices
An unmanaged environment can include any number of users who are no longer with the organization or devices that are no longer used to connect to CrashPlan. These unneeded users and unused devices may pose risks to your organization:
- Unnecessary data may violate your organization's data retention policies.
- With too much data to sift through, it's difficult to diagnose which users or devices aren't connecting properly, resulting in unfocused troubleshooting and unclear resolution paths.
- They cause processing delays and inefficiencies.
An accurate user and device inventory allows you to act with intention and clarity. To identify users and devices that are no longer needed in CrashPlan:
- Work with your Human Resources department to list users that are no longer with your organization. You can also use the CrashPlan API to develop a list of users who do not have any associated devices, but keep in mind that some of these users may be administrators, security analysts, or other valid users of CrashPlan that may not have an associated device that's being monitored.
- Work with your Legal department to identify users or devices that are currently under investigation and should not be deactivated in CrashPlan. You can also use the CrashPlan API or CrashPlan CLI to list legal holds under investigation in your organization that are associated with users and devices. Remember that users and devices involved in legal holds cannot be deactivated and still contribute to active user and device totals.
- Secure your environment by deactivating unneeded users and devices in CrashPlan.
Additional resources
CrashPlan has a number of additional resources available to help you get the most value from your CrashPlan environment while securing your organization's vital data.
- Use the tools in our customer toolkit to get up and running quickly and discover how to optimize CrashPlan for your organization.
- Consult with our Professional Services team for help with deploying CrashPlan across your organization and integrating with tools you already use.
- Engage one of our Technical Account Managers (TAMs) to gain extensive insights about the health of your environment and fully leverage all CrashPlan features, customized for your organization. (TAM services may already be included in your support plan.)
Contact your Customer Success Manager (CSM) for more information about how to access these resources. If you do not know your CSM, please contact our technical support team.