Getting started with the Tanium Console and Interact

Log into and out of the Tanium Console

Access the Tanium Console through a supported web browser on a computer that can connect to the Tanium Server. For browser details, see Web browser requirements.

The first time you log in, you must enter the username and password of the initial Tanium Console administrator account. The credentials for this account are set when the Tanium Server is installed (see Tanium Core Platform Deployment Guide for Windows: Install the Tanium Server, Set Administrator Account field description). This account has the Administrator reserved role and can create additional users.

When you initially log in, your Tanium Console home page appears. This page serves as a site map that shows the Tanium modules and Tanium Console administration pages that you can access based on your role permissions (see RBAC overview) and on which modules are installed (see Import or upgrade Tanium modules).

The steps to log into the Tanium Console depend on how the Tanium Server is configured to authenticate your user account.

Log in using local or LDAP/AD authentication

For user accounts that you create locally on the Tanium Server (see Create a user), or that you import from a Lightweight Directory Access Protocol (LDAP) or Active Directory (AD) server (see Integrating with LDAP servers), the steps to log into the Tanium Console are as follows:

  1. Open a web browser and go to the Tanium Server URL.

    The URL has the format https://<Tanium_Server_FQDN>[:port]. If the Tanium Server uses the default port (443), you do not need to specify the port.

    If SAML is not configured for any user, the login page displays only the Username and Password fields for local or LDAP authentication.

    If the Tanium Server is configured to authenticate some users through a SAML IdP, the login page displays a Login with SSO button and a Login with password link below it.

  2. (Skip if SAML is not enabled) Click Login with password.

    The Username and Password fields then appear.

  3. Enter your Username and Password and click Log in.

Log in using SAML SSO authentication

If the Tanium Server is configured to serve as a Security Assertion Markup Language (SAML) service provider (SP), the Tanium Console provides single sign-on (SSO) access through a SAML identity provider (IdP). After logging into the IdP, a user can start new Tanium Console sessions repeatedly without re-authenticating, until the IdP session times out. Only Tanium Server 7.2 and later supports SAML. For details, see Integrating with a SAML IdP.

The IdP session timeout is configured on the IdP server. Consult your IdP administrator for more information.

The steps to log in depend on whether the Tanium Server is configured for IdP-initiated or SP-initiated SSO.

IdP-initiated SSO

  1. Go to the IdP SSO portal.

    If you previously logged into the IdP and your IdP session is active, you do not need to authenticate. If you never logged into the IdP or your IdP session has timed out, the IdP prompts you to authenticate.

  2. If necessary, log into the IdP using your username and password.

    The IdP portal displays a tile for each application that you can access.

  3. Click the Tanium Console tile.

    The IdP redirects you to the Tanium Server and the Tanium Console opens in your browser.

SP-initiated SSO

  1. Open a web browser and go to the Tanium Server URL.

    The URL has the format https://<Tanium_Server_FQDN>[:port]. If the Tanium Server uses the default port (443), you do not need to specify the port.

    The login page appears.

  2. Click Login with SSO.

    If you previously logged into the IdP and your IdP session is active, you do not need to authenticate: the IdP redirects you to the Tanium Server and the Tanium Console opens in your browser. If you never logged into the IdP or your IdP session has timed out, the Tanium Server redirects you to the IdP for authentication.

  3. If necessary, log into the IdP using your username and password.

    The IdP then redirects you to the Tanium Server, and the Tanium Console opens in your browser.

Log out of the Tanium Console

When it is time to end your Tanium Console session, the best practice is to log out and close the web browser. To log out, open the drop-down menu beside Logged In: <username> at the top right of the Tanium Console and select Logout.

If the Tanium Server is configured to integrate with a SAML IdP, your IdP session remains active even after you log out of the Tanium Console. This means you can access the Tanium Console again without re-authenticating, until the IdP session times out.
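
The interaction between the console session and the IdP session in SP-initiated SSO, and the logout behavior noted above, can be modeled in a few lines. This is an added example, not Tanium code: the IdP and Console classes, the user name, the times, and the absolute (non-idle) timeout are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class IdP:
    """Hypothetical SAML IdP; the session timeout is configured here, not on the SP."""
    timeout: int                                   # seconds (assumed absolute, not idle)
    sessions: dict = field(default_factory=dict)   # user -> expiry time
    prompts: int = 0                               # credential prompts shown so far

    def has_session(self, user, now):
        return self.sessions.get(user, 0) > now

    def authenticate(self, user, now):
        self.prompts += 1
        self.sessions[user] = now + self.timeout

@dataclass
class Console:
    """Hypothetical SAML SP standing in for the Tanium Console."""
    idp: IdP
    active: set = field(default_factory=set)

    def login_with_sso(self, user, now, enters_credentials=True):
        """SP-initiated SSO: the IdP prompts only when it has no live session."""
        if not self.idp.has_session(user, now):
            if not enters_credentials:
                return False                       # stuck at the IdP login form
            self.idp.authenticate(user, now)
        self.active.add(user)
        return True

    def logout(self, user):
        """Ends the console session only; the IdP session is left untouched."""
        self.active.discard(user)

def logout_then_return(idp_timeout=3600):
    """Constructed scenario: log in, log out, revisit without typing credentials."""
    idp = IdP(timeout=idp_timeout)
    console = Console(idp)
    console.login_with_sso("alice", now=0)         # first login: IdP prompts
    console.logout("alice")                        # browser stays open
    before = console.login_with_sso("alice", now=600, enters_credentials=False)
    console.logout("alice")
    after = console.login_with_sso("alice", now=idp_timeout + 1, enters_credentials=False)
    return before, after, idp.prompts

if __name__ == "__main__":
    print(logout_then_return())
```

In this model the console reopens without a credential prompt at any point before the IdP session expires, so the length of that window is governed by the IdP timeout rather than by the console logout.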

Set up the Tanium Console and Interact

The Tanium Console and Interact are licensed as part of the Tanium Core Platform. The Tanium Console is installed automatically during Tanium Server installation. If your license is in the Tanium Server installation directory when you first open the Tanium Console, Interact is installed automatically. Otherwise, you can install Interact from the Tanium Solutions page. After installing Tanium Core Platform servers, perform the following tasks to set up the Tanium Console, Interact, and Tanium Core Platform:

  1. Review the system, network, security, and user role requirements for the Tanium Console and Interact. For details, see Tanium Console and Interact requirements.
  2. Import the Tanium modules and content packs that you will use: see Managing Tanium solutions. If you need to install Interact, see Tanium Interact User Guide: Installing Interact.
  3. (Optional) Customize the Tanium Console and Interact. For example, you can customize the color and logo for the Tanium Console, set your user preferences, and show, hide, or reorder sections of the Interact Home page. For details, see Customizing the Tanium Console and Interact.

  4. (Optional) Configure Tanium Core Platform settings such as Tanium Client subnets, proxy server settings, whitelisted URLs, and bandwidth throttling. For details, see Configuring the Tanium Core Platform.

  5. (Optional) Create custom content (such as sensors, packages and saved questions) to complement the predefined content that you import through Tanium modules and content packs. For details, see Content overview.
  6. Set up role-based access control (RBAC) to determine what users can see and do with the Tanium Core Platform. This involves configuring users, user groups, user roles, computer groups, and content set permissions. For details, see RBAC overview.

Use Tanium Interact

The following are regular tasks that you perform after the initial setup of the Tanium Console and Interact:

  1. Issue dynamic questions to retrieve information about the endpoints in your network: see Asking questions.
  2. Analyze and manage question results. For example, you can drill down into the question results with additional questions, filter the Question Results grid, and export its content. For details, see Managing question results.
  3. Manage actions. For example, you can deploy ad-hoc actions or schedule recurring actions based on question results, and configure an action approval workflow. For details, see Tanium actions overview.
  4. Manage saved questions. For example, you can create saved questions, assign them to dashboards, assign the dashboards to categories, and assign saved questions to content sets based on RBAC requirements. For details, see Managing saved questions.

Last updated: 7/17/2019 8:27 AM