Axonius Documentation
  1. Connecting Adapters
  2. Adapters T-U

Tanium Discover

The Tanium Discover adapter scans for unmanaged assets with almost no impact on the network.

Asset Types Fetched

  • Devices

Before You Begin

Required Ports

  • TCP port 443: REST API

Authentication Methods

  • User Name/Password
  • API Token ID/API Token
  • Client-side Certificate Authentication (Mutual TLS)

Required Module Permissions

You need to have the Module Role Discover Read Only User that provides the following Module Permissions:

  1. Show Discover
  2. Discover Asset Read

Assigning Required Permissions

  1. Log in to your Tanium environment with an account that has the permissions necessary to edit users.
  2. In the navigation menu, go to the Administration > Users page.
  3. Select the user you want to use for connecting and click View User.
  4. In the User Administration, go to the Roles and Effective Permissions section, and click Edit Roles.
  5. In the Assign Roles page, go to Role Management > Grant Roles, and click Edit.
  6. In the Edit Grant Roles dialog window:
    1. Select the role named Discover Read Only User.
    2. Click Save.
  7. Back in the Assign Roles page:
    1. Click Show Preview to Continue.
    2. Click Save and then Continue.
  8. The User Administration page should look like this:
tanium_useradmin_discover
  1. Continue to Verifying Permissions

Verifying Permissions

  1. In Tanium, navigate to the Discover page.
  2. From the Discover menu, select Interfaces > All.

Connecting the Adapter in Axonius

Required Parameters

  1. Hostname or IP Address - The Hostname or IP address of the Tanium server that Axonius can communicate with via the Required Ports. This adapter supports both on-premise and Tanium Cloud instances. When connecting to a Tanium Cloud instance, "-api" must be added to the end of the subdomain of your Tanium Cloud instance. For example: "domain.cloud.tanium.com" should be entered as "domain-api.cloud.tanium.com".
  2. User Name or API Token ID - The credentials for a user account that has the Required Permissions to fetch assets. If an API token is being used for authentication, this must be the ID of the API token. The Token ID column in Tanium may be hidden.
  3. Password or API Token - The credentials for a user account that has the Required Permissions to fetch assets. If an API token is being used for authentication, this must be the API token string.
📘

More information on API Tokens

  • When connecting to a Tanium Cloud instance, an API token must be used.
  • When creating an API token in Tanium, the default value for "Expire in Days" is 7. It is recommended to set this value to the maximum allowed value of 365.
  • See the Tanium Documention on Managing API tokens for more information.

  1. Fetch Unmanaged (default: True) - Determine whether to fetch assets from Discover > Interfaces > Unmanaged.

  2. Fetch Unmanageable (default: True) - Determine whether to fetch assets from Discover > Interfaces > Unmanageable.

  3. Fetch Managed (default: False) - Determine whether to fetch assets from Discover > Interfaces > Managed.

  4. Fetch Ignored (default: True) - Determine whether to fetch assets from Discover > Interfaces > Ignored.

Optional Parameters

  1. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  2. HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.

  3. Enable Client Side Certificate - Check this option to authenticate to Tanium servers using client certificates, meeting advanced security requirements for organizations that enforce mutual TLS authentication. When this is enabled, provide the following:

    1. Client Private Key File (.pem) - Upload the client private key file in PEM format.
    2. Client Certificate File (.pem) - Upload the client certificate file in PEM format.
    📘

    Notes

    • Certificates are securely stored in Axonius and used only for authenticating to Tanium servers.
    • The system validates the certificates while establishing the connection to prevent misconfiguration. If the certificate and private key do not match, or missing, or parsed incorrectly, you will receive an appropriate error message.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Advanced Settings

📘

Note

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Trust Tanium Discover hostname (required, default: False) - Select whether to consider the Tanium Discover hostname value as the device hostname.
    • If enabled, all connections for this adapter will set the Aggregated:Host Name with the fetched Tanium Discover:Discover Hostname field value.
    • If disabled, all connections for this adapter will not set the Aggregated:Host Name with the fetched Tanium Discover:Discover Hostname field value.
  2. Number of assets to fetch per page (required, default: 100) - Control the number of assets that are fetched per page.
  3. Number of seconds to wait in between each page fetch (required, default: 1) - Control the number of seconds to wait in between each page.
  4. CIDR exclude list (optional) - Specify a comma-separated list of CIDR blocks (for example: 192.168.20.0/24,192.168.30.0/24). The adapter will not fetch devices with an IP address that is in the range of any of the comma-separated list of CIDR blocks defined in this field .
  5. CIDR include list (optional) - Specify a comma-separated list of CIDR blocks (for example: 192.168.20.0/24,192.168.30.0/24), where the adapter only fetches devices with an IP address that is in the range of any of the comma-separated list of CIDR blocks defined.
  6. Constrain configured fetch types - Select this option to verify that only devices selected in the basic configuration will be ingested in Axonius.
  7. Deduplicate devices - Select this option to deduplicate devices.
📘

Note

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

Version Matrix

This adapter has only been tested with the versions marked as supported, but may work with other versions. Please contact Axonius Support if you have a version that is not listed and it is not functioning as expected.

VersionSupportedNotes
Tanium versions prior to 7.3.314.3424NoThis adapter utilizes the REST API, which was added in Tanium 7.3.314.3424
Tanium 7.3.314.3424Yes
Tanium 7.3.314.3668Yes
Tanium 7.3.314.4147Yes
Tanium 7.3.314.4250Yes
Tanium CloudYes

Discover Module Versions

Modules within Tanium have their own version which is separate from the platform version.

VersionSupportedNotes
Discover Module 2.11.1.18Yes
Discover Module 3.1.0.0185Yes
Discover Module 3.1.2.0007Yes

Updated 10 days ago