What is Tanium Discover?
Tanium Discover scans networks with hundreds of thousands of endpoints to find unmanaged assets. Administrators can choose to block the devices or bring them under management.
Why Should You Use the Tanium Discover Connector?
The Tanium Discover connector provides visibility into the endpoints in your environment. You can use this visibility to:
ensure assets are managed per your security policies
derive relationships between assets, users, applications, and data
How Does This Connector Work?
Lucidum executes read-only requests to the Tanium Discover REST API and ingests only meta-data about Tanium Discover devices. Lucidum does not retrieve any data stored on your assets.
Configuring the Connector in Lucidum
The URL for the Tanium Discover API.
Domain for Tanium Discover.
User name for a Tanium Discover account with read access.
The password for the Tanium Discover account.
If you are connecting to a Tanium cloud instance, you must provide an API token.
For future use.
Creating an API Token
To create an API token for the Lucidum connector to use, following these instructions:
When connecting to a Tanium Cloud instance, an API token must be used.
When creating an API token in Tanium, the default value for "Expire in Days" is 7. Lucidum recommends you set this value the maximum allowed value of 365.
For details on the API toekn, see the Tanium Documentation on Managing API tokens.
Persona for Lucidum
Discover Read Only User
Login to the Tanium console with the persona you want the Lucidum connector to use when ingesting data from Tanium.
In the navigation menu, go to the Administration > Users page.
In the User Administration page in the Roles and Effective Permissions section:
Click Edit Roles.
In the Assign Roles page in the Role Management > Grant Roles section:
In the Edit Grant Roles dialog window:
Select the role named Discover Read Only User.
On the Assign Roles page:
Click Show Preview to Continue.
In the Notice dialog window:
Contact Tanium customer support for access to the Tanium API v2.