Tanium Discover
  • 5 minutes to read
  • Print
  • Share
  • Dark
    Light
Contents
Contents x

Tanium Discover

  • 5 minutes to read
  • Print
  • Share
  • Dark
    Light

The Tanium Discover adapter scans for unmanaged assets with almost no impact on the network.

Parameters

  1. Hostname or IP Address (required) - The Hostname or IP address of the Tanium server that Axonius can communicate with via the Required Ports.
  2. User Name and Password (required) - The credentials for a user account that has the Required Permissions to fetch assets.
  3. Fetch Unmanaged (required, default: True - Fetch assets from Discover > Interfaces > Unmanaged.
  4. Fetch Unmanageable (required, default: True - Fetch assets from Discover > Interfaces > Unmanageable.
  5. Fetch Managed (required, default: False - Fetch assets from Discover > Interfaces > Managed.
  6. Fetch Ignored (required, default: True - Fetch assets from Discover > Interfaces > Ignored.
  7. Verify SSL (required, default: False) - Verify the SSL certificate offered by the value supplied in Hostname or IP Address. For more details, see SSL Trust & CA Settings.
    • If enabled, the SSL certificate offered by the value supplied in Hostname or IP Address will be verified against the CA database inside of Axonius. If the SSL certificate can not be validated against the CA database inside of Axonius, the connection will fail with an error.
    • If disabled, the SSL certificate offered by the value supplied in Hostname or IP Address will not be verified against the CA database inside of Axonius.
  8. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Hostname or IP Address.
    • If supplied, Axonius will utilize the proxy when connecting to the value supplied in Hostname or IP Address.
    • If not supplied, Axonius will connect directly to the value supplied in Hostname or IP Address.
  9. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.

tanium_discover_new_cnx(1)

Required Ports

Axonius must be able to communicate with the value supplied in Hostname or IP Address via the following ports:

  • TCP port 443: REST API

Required Permissions

Required Module Permissions

A Module Role named Discover Read Only User exists that provides these Module Permissions:

  1. Show Discover
  2. Discover Asset Read

Assigning Required Permissions

These are the steps to assign the Required Permissions to the value supplied in User Name:

  1. Log in to the value supplied in Hostname or IP Address with an account that has the permissions necessary to edit users.
  2. In the navigation menu:
    1. Go to the Administration > Users page.
  3. In the Users Page:
    1. Select the value supplied in User Name from the list of users.
    2. Click View User.
  4. In the User Administration page in the Roles and Effective Permissions section:
    1. Click Edit Roles.
  5. In the Assign Roles page in the Role Management > Grant Roles section:
    1. Click Edit.
  6. In the Edit Grant Roles dialog window:
    1. Select the role named Discover Read Only User.
    2. Click Save.
  7. In the Assign Roles page:
    1. Click Show Preview to Continue.
    2. Click Save.
  8. In the Notice dialog window:
    1. Click Continue.
  9. The User Administration page should look like this:
    tanium_useradmin_discover
  10. Perform the steps in Verifying Permissions

Verifying Permissions

  1. Log in to the value supplied in Hostname or IP Address with the values supplied in User Name and Password.
  2. In the navigation menu:
    1. Go to the Discover page.
  3. In the Discover menu of the Discover page:
    1. Go to the Interfaces > All page.

Field Mappings

The following tables show how values are mapped to fields in Axonius.

Aggregated Fields

Source Destination
asset: computerid UUID
asset: computerid, asset: macaddress ID
asset: createdAt First Seen
asset: ipaddress Network Interfaces
asset: lastDiscoveredAt Last Seen
asset: os, asset: osgeneration OS Guess
asset: ports Open Ports
asset: tags Adapter Tags

Adapter Specific Fields

Source Destination
asset: cloudTags Tags Cloud
asset: computerid Computer ID
asset: createdAt Created At
asset: hostname Discover Hostname
asset: ignored Is Ignored
asset: instanceId Instance ID
asset: instanceState Instance State
asset: instanceType Instance Type
asset: ismanaged Is Managed
asset: lastDiscoveredAt Last Discovered At
asset: lastManagedAt Last Managed At
asset: launchTime Launch Time
asset: locations Locations
asset: macorganization MAC Organization
asset: method Methods Used
asset: natipaddress NAT IP Address
asset: networkId Network ID
asset: os OS Scanned
asset: osgeneration OS Generation
asset: ownerId Owner ID
asset: profile Profile
asset: provide Provider
asset: tags Tags Discover
asset: unmanageable Is Unmanageable
asset: updatedAt Updated At
asset: zone Zone
Discover Report Name Report Source
Tanium Server Tanium Server Name, Tanium Server Version, Module Version

Version Matrix

This adapter has only been tested with the versions marked as supported, but may work with other versions. Please contact Axonius Support if you have a version that is not listed and it is not functioning as expected.

Version Supported Notes
Tanium versions prior to 7.3.314.3424 No This adapter utilizes the REST API, which was added in Tanium 7.3.314.3424
Tanium 7.3.314.3424 Yes
Tanium 7.3.314.3668 Yes
Tanium 7.3.314.4147 Yes
Tanium 7.3.314.4250 Yes

Discover Module Versions

Modules within Tanium have their own version which is separate from the platform version.

Version Supported Notes
Discover Module 2.11.1.18 Yes
Discover Module 3.1.0.0185 Yes
Discover Module 3.1.2.0007 Yes
Was this article helpful?
Related Articles