Supported Data models

Required Tanium Licenses

The following Tanium modules must be licensed and provisioned in your environment to enable this integration:
ModuleRequirementPurpose
Tanium ComplyRequiredEnables vulnerability assessments and provides access to CVE findings.
Tanium GatewayRequiredExposes the GraphQL API for secure data access.
Tanium Platform CoreRequiredCore platform services like RBAC, API token generation, etc.
Tanium AssetRequiredProvides endpoint metadata (OS, hardware, installed software).

Connector Configuration Parameters

#ParameterDescription
1Tanium API Base URLThe base URL of the Tanium Cloud Gateway API for your tenant. The URL should be your instance name followed by ‘-api’. e.g.: https://instancename-api.cloud.tanium.com
2Tanium API TokenToken generated using the Persona with proper access to endpoints and CVEs.

Onboarding Tanium

Follow the steps below to onboard your environment to our Tanium integration.
1

Create a Custom Role

  1. In the Tanium Console, go to Administration > Roles.
  2. Search for the built-in role: Gateway User.
  3. Click Clone to create a duplicate.
  4. Name the role (e.g., Leen Integration Role).
  5. Under Platform Content Permissions, enable:
    • Sensor > Read
  6. Add Content Sets. Add the required Content Sets by clicking the + icon next to the green checkmark on the permission you applied in the previous step:
    • Base
    • Comply Reporting
    • Reserved
    • Tanium Data Service
  7. Click Save.
2

Create a Persona

  1. Go to Administration > Personas.
  2. Click New Persona.
  3. Set a name (e.g., Leen Integration Persona).
  4. Under Manage Roles, assign the custom role created above.
  5. Under Computer Groups, do one of the following:
    • Assign specific computer groups
    • Or check Unrestricted Management Rights for full access
  6. Assign the persona to a user or service account.
  7. Click Save.
3

Generate the API Token

  1. Sign in with the user account linked to the Persona you just created.
  2. Navigate to Administration > API Tokens.
  3. Click New API Token.
  4. Enter a name and optionally set a TTL (Time-To-Live).
  5. Select the persona created in the previous step.
    • You may need to refresh the page if the persona doesn’t show immediately.
  6. For Allowed IP Addresses, choose:
    • A specific IP (recommended), e.g., 192.168.1.10
    • Or use 0.0.0.0/0 for unrestricted access (not recommended for production)
  7. Click Save.
Record your API token somewhere safe. Once the window is closed, the token will not be visible again.
4

Enter credentials

Enter the Tanium API Base URL and Tanium API Token obtained above into the Tanium integration configuration.