Configuring Interact

The following sections describe the predefined user roles that you can use to set up Console and Tanium Data Service users. To review specific permissions for each role, see User role requirements.

For more information about assigning user roles, see Tanium Core Platform User Guide: Manage role assignments for a user.

On installation, Console creates a Tanium Data user to automatically manage the service account for Tanium Data Service. Do not edit or delete the Tanium Data user.

Set up Console users

Console Power User

Assign the Console Power User role to users who ask questions, manage content in the Console content sets, and deploy actions through Console.

Console Basic User

Assign the Console Basic User role to users who ask questions and manage content in the Console content sets.

Console Read-Only User

Assign the Console Read-Only User role to users who ask questions and view content in the Console content sets.

Console Show

Assign the Console Show role to users who view content in the Console workbench. This includes users who need to view question results and saved question results in Console.

Set up Tanium Data Service users

Data Collection Operator

Assign the Data Collection Operator role to users who manage the sensors from which to collect data for Tanium Data Service.
This role can perform the following tasks:

Assign the Data Collection Operator role to users who manage the sensors from which to collect data for Tanium Data Service.
This role can perform the following tasks:

• Purge data for specific sensors
• Register, unregister, enable, and disable sensors for collection
• Configure data collection settings

Do not assign the Tanium Data Service Account, Tanium Data Service Account - All Content Sets, or Data Collection Service Account roles to users. These roles are for internal purposes only.