Tanium
Visualize Tanium assets, users, and evaluations in JupiterOne, and monitor changes through queries and alerts.
- Installation guide
- Tanium data model
Installation
For this integration, you will need access to the Administration module with the API Gateway User role in Tanium to create API keys.
Configuration in Tanium
Before setting up the integration instance in JupiterOne, you will need to generate your Tanium API Key:
- In your Tanium console, at the top bar, navigate to Administration > Permissions > API Tokens
- Click New API Token
- Set the desired number of days until your token expires.
- If you are running the integration in JupiterOne then add the following IPs
to the Trusted IP list based on your region:
- Running in US Region:
- 18.219.33.157/0
- 18.218.86.86/0
- 52.14.136.234/0
- Running in Cisco US Region:
- 34.233.148.77/0
- 44.199.84.191/0
- 52.21.5.206/0
- Running in EU Region:
- 3.67.240.226/0
- 52.28.3.30/0
- 3.121.249.173/0
- Running in US Region:
- Copy your API Token for use in JupiterOne.
Once you have generated your API key, retain the value and have it ready when configuring the integration within JupiterOne.
Configuration in JupiterOne
To install the Tanium integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Tanium. Click New Instance to begin configuring your integration.
Creating a configuration requires the following:
The Account Name used to identify the Tanium account in JupiterOne. Ingested entities will have this value stored in
tag.AccountNamewhen theAccountNametoggle is enabled.Description to assist in identifying the integration instance, if desired.
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLEDand manually execute the integration.Your Tanium API Key.
Lastly, enter the base URL for your Tanium instance's API. The endpoint will look like
https://<customerName>-api.cloud.tanium.com.
Click Create once all values are provided to finalize the integration.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Data Model
Entities
The following entities are created:
| Resources | Entity _type | Entity _class |
|---|---|---|
| Account | tanium_account | Account |
| Application | tanium_application | Application |
| Application Version | tanium_application_version | Record |
| Available Patch | tanium_available_patch | Record |
| Endpoint | tanium_endpoint | Host |
| Installed Application | tanium_installed_application | Record |
| Installed Patch | tanium_installed_patch | Record |
| User | tanium_user | User |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
|---|---|---|
tanium_account | HAS | tanium_application |
tanium_account | HAS | tanium_endpoint |
tanium_account | HAS | tanium_user |
tanium_application | HAS | tanium_application_version |
tanium_endpoint | HAS | tanium_available_patch |
tanium_endpoint | HAS | tanium_installed_application |
tanium_endpoint | HAS | tanium_installed_patch |
tanium_installed_application | IS | tanium_application_version |