Tanium Connect
Integration Points
Protocol | Information Discovered | Used For |
---|---|---|
syslog | Endpoint security logs | Security and Compliance |
Event Types
Currently, 4 events are parsed. See event types in RESOURCES > Event Types and search for "TaniumConnect-" in the main content panel Search... field. The user can extend the parser to add other events.
Configuring Tanium Connect
Follow Tanium Connect documentation to send syslog to FortiSIEM.
Configuring FortiSIEM
FortiSIEM automatically recognizes Tanium Connect syslog as long it follows the following format as shown in the sample syslog:
<134>1 2018-09-06T02:50:02.762000+00:00 tanium-server-1 Tanium 7020 - [Comply-Deployment-Status---Deployment-5@017472 Installed=true Version=3.0.45 Type=full Installed1=true Version1=8u131-e1 Comply---Has-Latest-Tools=true Count=2