Monitoring Tanium Infrastructure

You can monitor server logs and metrics in AWS CloudWatch. For each instance, the following metrics are monitored:

  • High CPU
  • Low Memory Available
  • High Disk Usage
  • Low Disk Available

In addition, the Tanium Core Platform server deployment automatically sends a complete set of Tanium logs and metrics.

For details on using AWS CloudWatch, see https://aws.amazon.com/cloudwatch/.

View the AWS CloudWatch Dashboard

Go to CloudWatch > Dashboards and select your Tanium deployment stack.

Figure  1:  AWS CloudWatch Dashboard

View alarms

Alarms are generated when CPU, memory, and disk usage cross normal performance thresholds.

Go to CloudWatch > Alarms and select an alarm to view its details.

Figure  2:  AWS Alarms

View logs

  1. Go to CloudWatch > Logs and click the log group.
  2. In the log stream list, click the log you want to view.

The following figure shows the Tanium Server log.

Figure  3:  Tanium Server log in AWS CloudWatch

Automated remediation for low disk or high CPU utilization

The deployment template includes options to remediate low disk space or high CPU utilization. When you complete the template for the initial deployment, you can enable the Simple Notification Service (SNS) to send alerts and/or the AWS Lambda function to autoscale compute resources.

Go to Lambda > Functions and click the name of the Lambda function created during the initial deployment to view its details.

Figure  4:  AWS Lambda function

Last updated: 4/4/2019 3:35 PM | Feedback