Tanium is a feature-packed endpoint management and endpoint security platform designed to strengthen and optimize an organization's cybersecurity efforts. The platform allows security and IT operations teams to access visible and accurate information on the state of endpoints at all times, protect against modern-day disruptions, and realize new levels of business resilience.
EventTracker helps to monitor events from Tanium via syslog. EventTracker reports, saved searches, and dashboards help you analyze activity logs, such as vulnerability management, failed logins by any user, and administrative activities. These logs contain critical information, such as the time of occurrence of events, the user source IP, and the action taken by the user. Dashboards are graphical representations of the events that give administrators an overview of key information, such as the total number or percentage of audit events or operational events.
Once Tanium is configured to deliver events to EventTracker Manager, alerts, dashboards, and reports can be configured in EventTracker.
The configuration details in this guide are consistent with EventTracker version 9.x and later, and Tanium.
To configure Tanium to send logs to EventTracker, refer to the How-to Guide.
For more information, please refer to the Integration Guide.