A script command run on a schedule, sometimes including package files.
A collection of one or more computer groups to which an action is deployed.
ad hoc question
An unsaved query that you can create in the question bar to get information from endpoints. Also referred to as a dynamic question.
A set of fine-grained content set permissions.
The client that has the "lowest" IP address in its linear chain and that communicates directly with the Tanium™ Server on behalf of its neighborhood.
A list of patches that are prohibited from being deployed to the subscribed computer groups.
An organized collection of panels.
A sequenced list of software packages.
An organized collection of dashboards.
An endpoint that has the Tanium™ Client installed.
An action of installing the Tanium Client on endpoints.
A configuration object that defines a set of endpoints that have a sensor result in common. For example, a particular operating system or tag.
Collective term for sensors, packages, saved questions, scheduled actions, dashboards, and categories.
A reserved role that grants action management privileges and read/write privileges on all content sets.
A package distributed by Tanium™ that can include sensors, saved questions, packages, and scheduled actions.
A group of sensors, saved questions, dashboards, categories, and packages to which a permission applies.
An arbitrary PowerShell, VBScript, or UNIX shell script that is used to evaluate conditions on an endpoint.
custom ID mapping
A configuration that maps a custom check ID or XCCDF rule ID to an arbitrary value.
A collection of saved questions.
A collection of settings that can be used to repeatedly issue deployments.
An external server or piece of software to which Tanium data is sent.
A scanner that finds unmanaged interfaces.
The action of issuing an additional question to the endpoints in the results grid.
An unsaved query that you can create in the question bar to get information from endpoints. Also referred to as an ad hoc question.
A node on a computer network, such as a computer or network device.
An application of a policy on the targeted endpoint.
A process that can be deployed to endpoints to search for potential threats based on a piece of intel.
A process that continuously saves key forensic evidence on each endpoint.
A process that can be deployed to endpoints to index local file systems, compute file hashes, and gather file attributes and magic numbers.
A distribution of a single file as a set of small files in order to limit the impact on network performance.
The client that has the “highest" IP address in its linear chain and that communicates directly with the Tanium Server on behalf of its neighborhood.
A process of disabling functionality in the client environment that would otherwise enable users to make inadvertent changes or deliberately evade endpoint management by Tanium.
A collection of artifacts to detect and respond to a potential intrusion.
A client that has no peer connections.
Content provided through the Tanium Labs program. Labs content is not warranted or supported, but you might find it useful or instructive.
A Tanium Client on one end of a linear chain that has an intermittent connection with the Tanium Server to receive questions or send answers on behalf of the client neighborhood.
An architecture for exchange of information and data among endpoints that are running Tanium Client.
A connection to an endpoint to conduct real-time analysis of activity on that endpoint.
An endpoint that has the Tanium Client installed.
An XML file that lists the content and solutions published through content.tanium.com.
The action of adding a new column with results from an additional sensor to the results already returned to the results grid.
A dedicated server to run application services and store files for Tanium solution modules.
A configuration that defines data that a Tanium module provides to Trends.
natural language parser
A component that transforms search bar input into valid question syntax.
An adjacent endpoint. Tanium Client shares messages with the closest neighbors on each side.
A script and files deployed to an endpoint for administrative action, like installation of a patch.
A collection of software package templates.
A visualization for data collected by a source.
The user issuing the saved question specifies a value before the question is issued to clients.
Capabilities to read or write content and other settings.
A configuration that contains settings to block or allow applications on endpoints.
A block that can be put on an endpoint to isolate it from the rest of the network.
A sensor that exceeded the one-minute timeout when it last ran on an endpoint.
A message sent to each Tanium-managed computer requesting one or more real-time details.
An indicator of threat level for a file hash: malicious, non-malicious, suspicious, or unknown.
A role that assigns privileges that enable special purpose capabilities.
A configuration object that includes question syntax and reissue settings to get information from endpoints.
saved question source
A configuration that defines a Trends saved question, how often to issue the question, and when to collect results from endpoints.
A group of settings that determine the technique and frequency to search endpoints for patches.
An action configured to be issued regularly in order to promote hygiene in the enterprise environment.
A script deployed to endpoints to gather information sought in questions. A sensor executes on the endpoint, so it must leverage the native OS scripting languages or previously installed utilities. In response to a question message, the Tanium Client executes the respective sensor and returns the results from the local machine.
A user that is configured to run services on the module server.
A small file that is part of set of files that make up a single file that can be used on an endpoint.
An expression to evaluate process, network, registry, and file events on an endpoint. Signals are available as a feed from Tanium, or you can author your own signals.
A content XML file signed by a cryptographic private key that corresponds with a public key that was added to the Tanium Server installation.
A piece of software built by Tanium that extends the Tanium™ platform.
A configuration that defines where data originates.
The core platform server that communicates with clients.
A method of finding endpoints that match criteria returned by sensors.
Technical Account Manager (TAM)
A staff member from Tanium that helps to configure and troubleshoot Tanium deployments.
An instance of a parameterized sensor that includes a specific value in a saved question.
A type of content not developed by Tanium or the customer that is imported into the customer environment.
A network device or computer that does not have the Tanium Client installed.
A network device or computer that cannot run the Tanium Client, such as a printer or router.
A local path or URL to an Open Vulnerability and Assessment Language (OVAL) definitions file.
A user interface that facilitates management tasks.
A service to establish secure endpoint connections through zone servers.
A server typically deployed in an enterprise DMZ network to proxy traffic between Tanium Clients that reside on limited-access networks and a Tanium Server that resides on the trusted core network.