Skip to main content

Supported Data models

Required Tanium Solutions

The following Tanium modules must be licensed and provisioned in your environment to enable this integration:
ModuleRequirementPurpose
Tanium ComplyRequiredEnables vulnerability assessments and provides access to CVE findings.
Tanium Platform CoreRequiredCore platform services like RBAC, API token generation, etc.

Connector Configuration Parameters

Note: We are only supporting Tanium Cloud Envrionments
#ParameterDescription
1Tanium API Base URLThe base URL of the Tanium Cloud Gateway API for your tenant. The URL should be your instance name followed by ‘-api’. e.g.: https://instancename-api.cloud.tanium.com
2Tanium API TokenToken generated using the Persona with proper access to endpoints and CVEs.

Onboarding Tanium

Follow the steps below to onboard your environment to our Tanium integration.
1

Create a Custom Role

  1. In the Tanium Console, go to Administration > Roles.
  2. Search for the built-in role: Gateway User.
  3. Click Clone to create a duplicate.
  4. Name the role (e.g., Leen Integration Role).
  5. Under Platform Content Permissions, enable:
    • Sensor > Read
  6. Add Content Sets. Add the required Content Sets by clicking the + icon next to the green checkmark on the permission you applied in the previous step:
    • Base
    • Comply Reporting
    • Reserved
    • Tanium Data Service
  7. Click Save.
2

Create a Persona

  1. Go to Administration > Personas.
  2. Click New Persona.
  3. Set a name (e.g., Leen Integration Persona).
  4. Under Manage Roles, assign the custom role created above.
  5. Under Computer Groups, do one of the following:
    • Assign specific computer groups
    • Or check Unrestricted Management Rights for full access
  6. Assign the persona to a user or service account.
  7. Click Save.
3

Generate the API Token

  1. Sign in with the user account linked to the Persona you just created.
  2. Navigate to Administration > API Tokens.
  3. Click New API Token.
  4. Enter a name and optionally set a TTL (Time-To-Live).
  5. Select the persona created in the previous step.
    • You may need to refresh the page if the persona doesn’t show immediately.
  6. For Allowed IP Addresses, choose:
    • Contact us to get the IP Address that needs to be added as part of trusted IP Addresses.
    • Or use 0.0.0.0/0 for unrestricted access (not recommended for production)
  7. Click Save.
Record your API token somewhere safe. Once the window is closed, the token will not be visible again.
4

Enter credentials

Enter the Tanium API Base URL and Tanium API Token obtained above into the Tanium integration configuration.
##API Token Rotation The API Token gets rotated automatically as part of the connection.