Tanium endpoint management and security solution provides real-time visibility and control by enhancing your ability to manage endpoints, streamline incident response, and bolster your defense mechanisms. For detailed information refer to the Tanium’s official documentation.
Integration Method: API
Tables: Vulnerability Finding (2002), Compliance Finding (2003), Detection Finding (2004), Device Inventory Info (5001), Software Inventory Info (5020)
This integration supports the following events.
Event | Description |
---|---|
Vulnerabilities | List of Vulnerabilities |
Compliances | List of Compliance Findings |
List of Assets | |
Alerts | List of Alerts |
List of software/applications installed on the device |
This integration supports the following versions.
Tanium API gateway version | v2 |
Tanium Platform API version | v1 |
Note:
Tanium is a continuously updated cloud service. As of this document preparation, the latest release for threat response was on 4th March 2025.
Prerequisites
The user should have access to the Tanium portal.
The user should have a Tanium API token.
The user should have access to the DataBee console.
Configuration overview
Get an API Token from the Tanium portal.
Add Tanium Endpoint Protection in the DataBee console.
DataBee Parameter
Tanium Parameter
Token
Tanium Configuration
Login to the Tanium console.
Note:
The login page link varies based on the instance and type of the instance. Use the link provided by your respective team. For example, https://<instancename>.com.
Click Administration button on the sidebar. Under Permissions section, locate API Tokens and click it.
Click on New API Token.
Create New API Token
Enter ‘Notes’ and ‘Expiration’ time
Enter ‘Trusted IP Addresses’ ranges. Contact your DataBee support team for the CIDR range.
Click Create.
Note:
This token will have to be regenerated before the expiration date (by default expiration time is 365 days).
Click on Yes in the confirmation box.
Copy the API token to use it for authentication when we create feed in DataBee.
Note:
Token is only visible once. Copy and store it securely.
DataBee Configuration
Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for Tanium Endpoint Protection and click it as shown below.
Click on the API Ingest option for collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
Authorization Method: Bearer Token
API Base URL: this is the base URL that DataBee will interact with
Replace <customer_url> with your Tanium instance specific endpoint. For example, https://<instancename>-api.cloud.tanium.com/plugin/products/gateway/graphql. Contact your Tanium support team for more information.
Reference: Tanium Website
Token: paste the API Token
Event Types: preselected for all the event types that integration pulls.
Click Submit.
Troubleshooting Tips
If you are facing an unauthorized (401) error, this might be possibly due to incorrect Token. Please refer API Credentials to retrieve the API Token.