Lucidum’s cyber beard is thriving! A Rising in Cyber 2025 Honoree! See the wisdom behind the whiskers → [Learn More!]

Lucidum’s cyber beard is thriving! A Rising in Cyber 2025 Honoree! See the wisdom behind the whiskers → [Learn More!]
View Categories

Tanium Discover

Estimated Reading Time: 1 min read

What is Tanium Discover? #

Tanium Discover scans networks with hundreds of thousands of endpoints to find unmanaged assets. Administrators can choose to block the devices or bring them under management.

Why Should You Use the Tanium Discover Connector? #

The Tanium Discover connector provides visibility into the endpoints in your environment. You can use this visibility to:

  • ensure assets are managed per your security policies
  • derive relationships between assets, users, applications, and data

How Does This Connector Work? #

Lucidum executes read-only requests to the Tanium Discover REST API and ingests only meta-data about Tanium Discover devices. Lucidum does not retrieve any data stored on your assets.

Configuring the Connector in Lucidum for Tanium Discover on Tanium Cloud #

Field

Description

Example
URL The URL for the Tanium API

https://<customer>-api.cloud.tanium.com

where:

customer is the sub-domain for your deployment of Tanium.

 https://mycompany-api.tanium.com
Verify SSL Toggle on/off validation of SSL certificates. On or Off
Username Leave blank NA
Password Leave blank NA
Domain Leave blank NA
API Token Valid API token for Tanium Discover.For details on creating an API token in Tanium Discover, see:

https://lucidum.io/docs/tanium-discover/#creating_an_api_token_for_tanium_cloud

 9ab934979aea20a3d56a822441a4329f470326f5e7ef2af66783147533

Creating an API Token for Tanium Discover on Tanium Cloud #

Step 1: Create a Persona for Lucidum #

To create a persona for Lucidum, see:

https://help.tanium.com/bundle/ug_console_onprem/page/platform_user/console_personas.html#Create_Persona

Step 2: Assign Roles to the Persona for Lucidum #

Object

Permissions

Persona for Lucidum

 Discover Read Only User
  1. Login to the Tanium console with the persona you want the Lucidum connector to use when ingesting data from Tanium.
  2. In the navigation menu, go to the Administration > Users page.
  3. In the User Administration page in the Roles and Effective Permissions section:
    • Click Edit Roles.
  4. In the Assign Roles page in the Role Management > Grant Roles section:
    • Click Edit.
  5. In the Edit Grant Roles dialog window:
    • Select the role named Discover Read Only User.
    • Click Save.
  6. On the Assign Roles page:
    • Click Show Preview to Continue.
    • Click Save.
  7. In the Notice dialog window:
    • Click Continue.

Step 3: Create an API Token for Lucidum #

When connecting to a Tanium Cloud instance, you must use API token.

To create an API token for the Lucidum connector to use, follow these instructions:

https://help.tanium.com/bundle/ug_console_cloud/page/platform_user/console_api_tokens.html#add_API_tokens

Enter these values:

  • Expiration. When creating an API token in Tanium, the default value for “Expire in Days” is 7. Lucidum recommends you set this value the maximum allowed value of 365.
  • Persona. Select the Persona we created for Lucidum.
  • Trusted IP Address. Enter the IP address of your Lucidum instance.

API Documentation #

Contact Tanium customer support for access to the Tanium API v2.

What are your Feelings

Solutions

COMPANY

Resource Library