Tanium - Create Action
  • 24 Jun 2024
  • 3 Minutes to read
  • Dark
    Light
  • PDF

Tanium - Create Action

  • Dark
    Light
  • PDF

Article summary

Tanium - Create Action creates an action for software packages on the Tanium Asset server for:

  • Assets that match the results of the selected saved query, and match the Enforcement Action Conditions, if defined or assets selected on the relevant asset page.

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

General Settings

  • Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonius. You can change the name according to your needs.
  • Add description - Click to add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
  • Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
  • Action name (required) - The name of the Main action. A default value is added by Axonius. You can change the name according to your needs.
  • Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

  • Use stored credentials from the Tanium Asset adapter - Select this option to use Tanium Client Status connected adapter credentials.
    • When you select this option, the Select Adapter Connection drop-down is available. Select the adapter connection to use for this Enforcement Action.

Note:

To use this option, you must successfully configure a Tanium Asset adapter connection.

Required Fields

These fields must be configured to run the Enforcement Set.

  • Package ID - Software Package ID for which to create the action.
  • Computer Group Name - The computer group name suffix. This will create n computer groups named COMPUTERGROUPNAME #INDEX, depending on the resulting query set size.
  • Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.

Additional Fields

These fields are optional.

Connection Parameters

If Use stored credentials from the Tanium Asset adapter is disabled, these fields are required:

  • Hostname or IP Address - The Hostname or IP address of the Tanium server that Axonius can communicate with. The adapter supports both on-premise and Tanium Cloud instances. When connecting to a Tanium Cloud instance, "-api" must be added to the end of the subdomain of your Tanium Cloud instance. For example: "domain.cloud.tanium.com" should be entered as "domain-api.cloud.tanium.com".

  • User Name or API Token ID - The credentials for a user account that has Permissions to fetch assets. If an API token is being used for authentication, this must be the ID of the API token. The Token ID column in Tanium may be hidden.

  • Password or API Token - The credentials for a user account that has the Permissions to fetch assets. If an API token is being used for authentication, this must be the API token string.

    Note:
    Refer to Tanium Asset to learn more about the API Token.
  • Only fetch clients that have registered in the past N minutes - Only fetch assets that have registered with the Tanium platform within the past minutes supplied by this value. Tanium considers any agent that has not reported in the past 5 minutes as "broken". However, leave this value empty if you want to be able to build queries in Axonius that check for "broken agents". A value of 0 will disable this filter.

  • Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  • HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.

  • Max devices per deploy (default: 10) - Set a maximum number of devices on which to run this action.

Required Permissions

The credentials used to connect to Tanium must have permission to create actions in Tanium.


For more details about other Enforcement Actions available, see Action Library.



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.