Computer Groups
Fetches computer group data from Tanium, enabling visibility into group configurations and memberships within your Tanium instance.
Sync Type: Full Sync
Description
The Tanium Computer Groups input connector retrieves computer group data from your Tanium instance.
- Configurable scheduling using cron expressions
- Support for synthetic data generation for testing purposes
Requirements
- A Tanium instance with API access enabled
- An API token with permissions to access computer group data
- The base URL of your Tanium instance (e.g.,
https://<customerName>-api.cloud.tanium.comfor cloud orhttps://<server>for on-prem).
Setup Instructions
-
Generate an API Token:
- Log in to your Tanium instance.
- Navigate to Administration > Permissions > API Tokens.
- Click Create API Token.
- Fill in the Description field with a meaningful name for your token.
- Select the Expiry duration in days.
- Configure Allow whitelist IPs if needed for enhanced security requirements. For most deployments, using
0.0.0.0/0(all IPs) is recommended for operational simplicity. If your organization requires IP restrictions, whitelist Monad's IP addresses:- For Monad SaaS:
35.81.245.33,35.83.26.83,35.84.110.88 - For Monad on-premises: Your Monad instance's IP address
- For Monad SaaS:
- Click Create to generate the token.
- Copy the generated token and store it securely.
-
Obtain the Base URL:
- Note the API URL of your Tanium instance (e.g.,
https://<customerName>-api.cloud.tanium.comfor cloud orhttps://<server>for on-prem).
- Note the API URL of your Tanium instance (e.g.,
-
Configure the Connector:
- Use the API token and base URL in the configuration settings for the connector.
Configuration
The following configuration defines the input parameters. Each field's specifications, such as type, requirements, and descriptions, are detailed below.
Settings
| Setting | Type | Required | Description |
|---|---|---|---|
| Base URL | string | Yes | The base URL of your Tanium instance (e.g., https://<customerName>-api.cloud.tanium.com for cloud or https://<server> for on-prem). |
| Cron | string | Yes | Cron expression to schedule the connector runs. |
Secrets
| Secret | Type | Required | Description |
|---|---|---|---|
| API Token | string | Yes | The API token for authentication with Tanium. |
Best Practices
- API Token Security: Keep your API token secure and never commit it to version control.
- Cron Scheduling: Use an appropriate cron expression to balance data freshness and API usage.
Troubleshooting
Common Issues
-
Authentication Errors:
- Verify the API token is correct and has not expired.
- Ensure the token has the necessary permissions to access computer group data.
- Check if the token was created with appropriate expiry duration.
- Verify that Monad's IP addresses are whitelisted if IP restrictions were configured during token creation.
- Regenerate the token if it has expired or permissions have changed.
-
Connection Issues:
- Verify the base URL is correct and accessible from your network.
- Check for firewall or network restrictions that may block access to the Tanium instance.
-
IP Whitelist Issues:
- If you configured IP whitelisting during token creation, ensure Monad's IP addresses are included:
- For Monad SaaS:
35.81.245.33,35.83.26.83,35.84.110.88 - For Monad on-premises: Your Monad instance's IP address
- For Monad SaaS:
- Consider using
0.0.0.0/0for simpler configuration if your security policies allow it. - Check if your organization uses NAT or proxy servers that might change the outbound IP.
- Update the token's IP whitelist if Monad's IP addresses have changed.
- If you configured IP whitelisting during token creation, ensure Monad's IP addresses are included:
-
Invalid Cron Expression:
- Ensure the cron expression is valid. Refer to Cron Expression Syntax for guidance.
-
Missing Data:
- Verify that the Tanium instance contains computer group data.
- Check the connector logs for errors or warnings.