Creating maps

A map is a set of parameters that are used to generate a saved question. The Tanium Clients return information about application components and connections on managed endpoints over the specified time period.

You can create maps spontaneously as part of an investigation, or as a part of an audit routine.

Create an application map

An application map displays an end-to-end map of nodes, both managed and unmanaged, that constitute an application or multiple applications.

By tracking application maps over time, you can quickly identify changes that caused any outages. You could create maps for different time frames, and compare the results.

Before you begin, you must have an application for which you want to create a map. See Defining applications.

  1. From the Map menu, click Maps. Click New Application Map.
  2. Add target applications to the map. Click Add Application and then choose the application that you want to map. You can add multiple applications to the map.
  3. Configure additional filters. These filters are applied to the data that is used to generate the map, and include the date range, minimum connections required to add an inferred endpoint, and computer group. You can also indicate a default Group By setting. If you want to filter on one of the Group by settings, you can create a dynamic filter after the map is created. See Filter maps.
  4. Click Generate.

Create an endpoint map

An endpoint map returns connections, applications, and raw processes that are associated with one or more IP addresses. You might create an endpoint map if you are planning to take an endpoint offline and you want to see precisely which applications could be impacted.

Remember that because IP addresses can be dynamic, you might need to frequently update your endpoint maps. Endpoint maps are meant to be a temporary visualization of your environment.

Before you begin, you must have a list of IP addresses that you want to target for the map. These IP addresses must resolve to endpoints that the Tanium Server manages. These endpoints must have the Map tools installed. To get the Map tools installed on endpoints, the endpoints must be in the Map action group. See Configure Map action group.

  1. From the Map menu, click Maps. Click New Endpoint Map.
  2. Add endpoint targets to the map. Click Add Target IP Address and indicate the IP address that you want to add to the map.
  3. Configure additional filters. These filters are applied to the data that is used to generate the map, and include the date range, minimum connections required to add an inferred endpoint, and computer group. You can also indicate a default Group By setting. If you want to filter on one of the Group by settings, you can create a dynamic filter after the map is created. See Filter maps.
  4. Click Generate.

Last updated: 11/6/2018 1:40 PM | Feedback