Activate and configure the Security Operations Tanium integration
The Integration Configuration feature allows you to quickly activate and set up third-party security integrations, including Tanium integration. Before you can use the Tanium Endpoint Platform integration, you must download it from the ServiceNow Store.
Before you begin
Procedure
- Download the integration from the ServiceNow Store.
-
When the installation is complete, navigate to Security Operations > Integration Configuration.
The available security integrations appear as a series of cards.
- In the Tanium card, click Configure.
-
Fill in the fields on the Tanium Configuration form, as appropriate.
Field Description Tanium Server URL The URL for accessing the Tanium server SOAP endpoint. Typically, the URL takes a format similar to https://tanium.server.local/soap. An IP address can also be used. For example, https//12.13.14.15/soap. Tanium Username and Password The username and password for the Tanium integration administrator (for Tanium version 6.1 and above). Tanium Session (pre 6.1) The Tanium Session SOAP key (for Tanium versions prior to 6.1). For Tanium 6.1 and later installations, this field is typically left empty. Running Processes Sensor The name of the Running Processes sensor to use. For example, Running Processes. IP Address Sensor The name of the IP address sensor to use for limiting a query to a set of specific client machines. For example, IP Address. Index File Sensor The name of the sensor used to get file details. This field defaults to Index Query File Details. Max Index File Entries per IP The limit on the number of files returned per machine in a Get File Details query. This field defaults to 10. Use MID Server If the Tanium server is behind a MID Server, authentication credentials must be included in the body of SOAP messages. The credentials, along with the rest of the SOAP message body, are stored as plain text in the External Communication Channel (ECC Queue). - Click Submit to store the integration configuration.