Tanium

Xanadu ServiceNow AI Platform Capabilities

Release

xanadu

ft:locale

en-US

ft:publication_title

Xanadu ServiceNow AI Platform Capabilities

ft:clusterId

platcap

bundleId

platcap

workflow

Platform

Service Graph Connector for Tanium

Release version: Xanadu

Updated July 31, 2025

3 minutes to read

Summarize

Summarized using AI

Summary of Service Graph Connector for Tanium

The Service Graph Connector for Tanium enables you to import hardware, software, and software usage data from a Tanium environment directly into your ServiceNow instance. This integration helps maintain an accurate and updated Configuration Management Database (CMDB) by mapping Tanium data to ServiceNow CMDB Configuration Item (CI) classes.

Show full answer Show less

Supported Versions and Upgrade Notes

Supports Tanium versions 1.9+ for hardware and software data, and 1.17+ for software usage data.
Compatible with ServiceNow releases Washington DC, Xanadu, and Yokohama.
Tanium Platform 7.6.2 and later require token-based authorization. For upgrades:
- Single-instance setups must reconfigure existing connections to token-based authentication.
- Multiple-instance setups need to deactivate old jobs using basic authorization and create new token-based connections.

Configuration and Management

Use the SGC Central view within the Service Graph Workspace or CMDB Workspace for installing the connector, configuring connections, and managing their lifecycle including editing, monitoring, and debugging. The previously available guided setup method is deprecated, so SGC Central is the recommended approach.

Monitoring with CMDB Integrations Dashboard

The Integration Commons for CMDB store app provides a dashboard to centrally monitor the status, metrics, processing results, and errors for all CMDB integrations including Tanium. You can filter by integration, time frame, and specific runs for detailed insights.

Data Mapping and Processing

Data from Tanium is imported into staging tables and then transformed using the Robust Transform Engine (RTE).
Identification and Reconciliation Engine (IRE) inserts the transformed data into the CMDB.
Key data sources and their mapping include:
- Applications: Mapped to Application CI classes.
- Hardware and Software: Mapped to Computer, File System, Disk, IP Address, Software, Software Instance, and Server CI classes depending on whether Software Asset Management (SAM) is installed.
- Software Usage: Available only if the Software Asset Management Professional plugin is activated.
- Software Removal: Uses a transform map-based method to delete software records not updated in the last delta scan.

A configurable system property bufferdaysfromlastscanforhardware controls software removal timing by adding a buffer period based on the last hardware scan time to prevent premature deletion of software records.

Additional Tools

The IntegrationHub ETL app can be used to view and manage data maps, providing transparency and control over data transformations between Tanium and ServiceNow.

Use the Service Graph Connector for Tanium to bring in hardware, software, and software usage data from a Tanium environment into your ServiceNow instance.

Request apps on the Store

Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

Supported versions

Table 1. Versions
Tanium	ServiceNow
Tanium 1.9 or later versions for hardware and software Tanium 1.17 or later versions for software usage	Washington DC Xanadu Yokohama

Important information for upgrading Service Graph Connector for Tanium

Tanium Platform 7.6.2 or later versions support token-based authorization only. After you have installed the latest version of the Service Graph Connector for Tanium, verify the following configurations to use Tanium Platform 7.6.2 or later versions in your on-premise setups:

For a single instance, reconfigure the authentication type of an existing connection to use token-based authorization.
For multiple instances, deactivate the existing scheduled jobs for previously configured instances that used basic authorization, and then create and configure new instances to use token-based authorization.

Configuring a connection

Use the SGC Central view in the Service Graph Workspace or CMDB Workspace to install the connector and configure the connection. The view enables you to install and discover connectors and to manage the full life cycle of creating, editing, monitoring, and debugging connections. For instructions, see Configure Service Graph Connector for Tanium using SGC Central.

Important:

Unless there are configuration issues, use SGC Central to configure the connection. The guided setup method for configuration is being deprecated.

CMDB integrations dashboard

The Integration Commons for CMDB store app provides a dashboard with a central view of the status, processing results, and processing errors of all installed integrations. You can see metrics for all integration runs. You can filter the view to a specific CMDB integration, a specific time duration, or a specific integration run. For more details about monitoring Tanium integrations in the CMDB Integrations Dashboard, see Using the CMDB Integrations Dashboard.

Data mapping

Data from the Tanium data sources is mapped and transformed into the ServiceNow CMDB Configuration Item (CI) class definitions using the Robust Transform Engine (RTE). Data is inserted into the ServiceNow CMDB using the Identification and Reconciliation Engine (IRE).

The following table describes the data sources, the staging tables, and the target tables including CMDB CI and non-CMDB CI classes for the Tanium application.

Table 2. Data mapping for Tanium
Data source	Staging table	Target tables	Resource types
SG-Tanium Applications	SG-Tanium Applications [sn_tanium_integ_sg_tanium_applications]	Application Running Process TCP	Applications
SG-Tanium Hardware and Software	SG Tanium Import [sn_tanium_integ_sg_tanium_import]	Computer File System Disk IP Address When the Software Asset Management (SAM) application isn't installed: Software Software Instance When the SAM application is installed: Software Installation	Server and software
SG-Tanium Usage	SG Tanium Usage Import [sn_tanium_integ_sg_tanium_usage_import]	Software Usage [samp_sw_usage]	None
SG-Tanium Remove Software	Integration Commons Remove Record [sn_cmdb_int_util_remove_record]	None	None

Note:

The SG-Tanium Usage data source is available only when the Software Asset Management Professional plugin (com.snc.samp) plugin is activated on your ServiceNow instance. See Request Software Asset Management.
The SG-Tanium Remove Software data source creates import sets and uses the transform map-based method for removing any target records for software data that weren't updated in the last delta query check. See Managing CMDB data deletion.
Starting with the Service Graph Connector for Tanium 1.8.0 release, a buffer time is added for software removal when the buffer_days_from_last_scan_for_hardware system property is enabled. When this system property is enabled, the software removal candidate is removed only if the last scan time of the hardware on which the software removal candidate is installed is earlier than the last success import time + buffer time. To enable this property, set the value of the buffer_days_from_last_scan_for_hardware system property to a non-zero numeral value according to the number of days of buffer that you require. To disable this property, set the value to 0.

You can use the IntegrationHub ETL app to view the data maps. See IntegrationHub ETL for more information.

Additional resource

How do I configure the Tanium Service Graph Connector? article on the ServiceNow Community site