Getting started with the Tanium Console and Interact

Log into and out of the Tanium Console

Access the Tanium Console through a supported web browser: see Web browser requirements.

When you first log in after the Tanium Server is installed, you must enter the username and password of the initial Tanium Console administrator account. The credentials for this account are set during server installation. This account has the Administrator reserved role and can create additional users.

At the first login after Tanium Server installation, the Tanium Console displays a popup that shows the progress of initial content pack imports, and then opens the Tanium Solutions page. Use this page to import Tanium modules and shared services that you are licensed to use (see Managing Tanium solutions). For subsequent login sessions, the Tanium Console displays its home page (https://<Tanium Server>/#/home) by default. However, if your browser URL field specified another console page (such as https://<Tanium Server>/#/actions/scheduled/) when the browser timed out or you logged out, that page opens when you next log in through the same browser.

The steps to log into the Tanium Console depend on how the Tanium Server is configured to authenticate your user account.

Log in using local or LDAP/AD authentication

For user accounts that you create locally on the Tanium Server (see Create a user), or that you import from a Lightweight Directory Access Protocol (LDAP) or Active Directory (AD) server (see Integrating with LDAP servers), the steps to log into the Tanium Console are as follows:

  1. Open a web browser and go to the Tanium Server URL.

    The URL has the format https://<Tanium_Server_FQDN>[:port]. If the Tanium Server uses the default port (443), you do not need to specify the port.

    If SAML is not configured for any user, the login page displays only the Username and Password fields for local or LDAP authentication.

    If the Tanium Server is configured to authenticate some users through a SAML IdP, the login page displays a Login with SSO button and a Login with password link below it.

  2. (Skip if SAML is not enabled) Click Login with password.

    The Username and Password fields then appear.

  3. Enter your Username and Password and click Log in.

    By default, the Tanium Server applies the permissions of your default persona upon logging in.

  4. (Optional) If your account has multiple personas and you want to switch to an alternative persona, go to the Main menu, select <current persona> > Change Persona, and click Apply beside the persona that you want to use. For details on personas, see Managing personas.

Log in using SAML SSO authentication

If the Tanium Server is configured to serve as a Security Assertion Markup Language (SAML) service provider (SP), the Tanium Console provides single sign-on (SSO) access with two-factor authentication (2FA) through a SAML identity provider (IdP). After logging into the IdP, a user can start new Tanium Console sessions repeatedly without re-authenticating, until the IdP session times out. For details about configuring SAML, see Integrating with a SAML IdP.

The IdP session timeout is configured on the IdP server. Consult your IdP administrator for more information.

During the setup of your Tanium as a Service (TaaS) deployment, an administrator account is created that you can use to log into the Tanium Console for the first time. This user is based on an IdP account that your organization selects as the primary administrator for your TaaS deployment. The user has unrestricted computer group management rights. The user also has the Admin reserved role, which enables access to all the features that are available in TaaS, including the ability to configure role-based access control (RBAC) for all other TaaS users. For details, see Admin reserved role.

The steps to log in depend on whether the Tanium Server is configured for IdP-initiated or SP-initiated SSO.

IdP-initiated SSO

  1. Go to the IdP SSO portal.

    If you previously logged into the IdP and your IdP session is active, you do not need to authenticate. If you never logged into the IdP or your IdP session has timed out, the IdP prompts you to authenticate.

  2. If necessary, log into the IdP using your username and password.

    The IdP portal displays a tile for each application that you can access.

  3. Click the Tanium Console tile.

    The IdP redirects you to the Tanium Server and the Tanium Console opens in your browser.

    By default, the Tanium Server applies the permissions of your default persona.

  4. (Optional) If your account has multiple personas and you want to switch to an alternative persona, go to the Main menu, select <current persona> > Change Persona, and click Apply beside the persona that you want to use. For details on personas, see Managing personas.

SP-initiated SSO

  1. Open a web browser and go to the Tanium Server URL that your TAM provided for your TaaS instance.

    The URL has the format https://<Tanium Server_FQDN>[:port] or, for a TaaS instance, https://<TaaS instance>.cloud.tanium.com[:port]. If the Tanium Server uses the default port (443), you do not need to specify the port.

    The login page appears.

    Login page

  2. Click Login with SSO.

    If you previously logged into the IdP and your IdP session is active, you do not need to authenticate: the IdP redirects you to the Tanium Server and the Tanium Console opens in your browser. If you never logged into the IdP or your IdP session has timed out, the Tanium Server redirects you to the IdP for authentication.

  3. If necessary, log into the IdP using your username and password.

    The IdP then redirects you to the Tanium Server, and the Tanium Console opens in your browser.

    By default, the Tanium Server applies the permissions of your default persona.

  4. (Optional) If your account has multiple personas and you want to switch to an alternative persona, go to the Main menu, select <current persona> > Change Persona, and click Apply beside the persona that you want to use. For details on personas, see Managing personas.

Log out of the Tanium Console

When it is time to end your Tanium Console session, the best practice is to log out and close the web browser. To log out, go to the Main menu and select <user name> > Sign out.

If the Tanium Server is configured to integrate with a SAML IdP, your IdP session remains active even after you log out of the Tanium Console. This means you can access the Tanium Console again without re-authenticating, until the IdP session times out.

Tanium Console components and navigation

The following figure shows the common components and navigation widgets that the Tanium Console displays regardless of which Tanium module is currently open:

Figure 1: Tanium Console components and navigation
1 Main menu (header): Use the Main menu to navigate among Tanium modules, shared services, and the pages that you use to administer the Tanium Console and Tanium Core Platform. If your deployment has several environments, you can customize the color of the border along the top of the Main menu (red in Figure 1) for the Tanium Consoles in each environment. Using different colors can help users identify which environment they are logged into: see Customize the Tanium Console color. Below the border, the Main menu displays the following elements from left to right:
  • Logo: Click the logo to return to the Tanium Console home page from any other page in the console. By default, the Main menu displays the Tanium logo, but you can replace this with the logo for your enterprise: see Customize the Tanium Console logo.
  • Home: Click the icon to return to the Tanium Console home page from any other page in the console.
  • Modules: Use this drop-down to open the workbench (user interface) for a Tanium module. The drop-down displays only the modules that are already imported and that you have permissions to access.
  • Administration: Use this drop-down to navigate the Tanium Console administration pages or to open the workbench for a Tanium shared service that you have imported. The drop-down displays only the shared services and administration pages that you have permissions to access.
  • <Custom text>: By default, the area above the Build (<Platform>) <version> | Console <version> information is blank, but you can configure text (Production Environment in Figure 1) that helps users identify which environment they are logged into: see Select the Tanium Console header text.
  • <Version>: The Build (<Platform>): <version> | Console: <version> fields indicate the type of Tanium Core Platform infrastructure (such as Windows), platform version, and Tanium Console version.
  • Help: Click to go to the Tanium documentation portal, which has links to the user guides for Tanium products. By default, the link opens the URL https://docs.tanium.com, but you can change it: see Customize the Tanium Console help URL.
  • <Current persona>: This drop-down appears only if you logged into the Tanium Console with a user account that has alternative personas assigned. The drop-down label indicates the current persona. Use the drop-down to switch personas. For details, see Select a persona for your Tanium Console session.
  • <Current user>: The label for this drop-down is the user name of the account that you used to log into the Tanium Console. Use the drop-down to display the date and time when you last logged in, or to select from the following options:
    • Preferences: Configure certain behaviors of the Tanium Console based on the user account that you used to log in: see Set Tanium Console user preferences.
    • Local Error Log: Opens a page that lists details about the last 100 errors that were returned to the Tanium Console in response to actions taken with the browser. For details, see View and copy the Tanium Console error log.
    • Sign out: Terminate the current Tanium Console login session.
  • Warning: This icon appears only if warning conditions exist. The Tanium Console initially displays the warnings when you log in. Click this icon to redisplay the warnings.

2 Navigation pane: The navigation pane appears in the workbench of every Tanium module and shared service so that you can navigate the workbench pages. The navigation pane also appears for Tanium Console administration pages that have sub-pages. By default, the navigation pane is collapsed until you click Expand. You can also select a page without expanding the navigation pane by hovering over Options and selecting the page name.

Navigation pane options

3 Display pane: Displays the main body of the current Tanium Console page. In Figure 1, the display pane shows the Interact Home page.

Tanium Console home page

The Tanium Console home page (Figure 2) serves as a site map that shows the Tanium solutions and Tanium Console administration pages that you can access. The page provides quick access to:

  • Core Interact features

    The top of the home page displays the Ask a Question field and a link to the Question Builder. For details on using these Interact features, see Asking questions.

  • Tanium module workbenches

    Click a module tile to open the workbench for that module. To open the workbench in a new browser tab, hover over the tile and click Open Expand. The page displays tiles only for the modules that are already imported and that you have permissions to access.

  • Tanium shared service workbenches

    In the Tanium Services section, click the links to open the workbench for a shared service. The page displays links only for the services that are already imported and that you have permissions to access.

  • Tanium Console administration pages

    In the Tanium Console section, click the links to open the pages that you use to administer the Tanium Core Platform and Tanium Console. The page displays links only for the administration pages that you have permissions to access.

Click the logo or Home on the left side of the Main menu to return to the Tanium Console home page from any other console page.

Figure 2: Tanium Console home page

Set up the Tanium Console and Interact

The Tanium Console and Interact are licensed as part of the Tanium Core Platform. After you install the Tanium Core Platform servers, perform the following tasks to set up the Tanium Console, Interact, and Tanium Core Platform:

  1. Review the system, network, security, and user role requirements for the Tanium Console and Interact. For details, see Tanium Console and Interact requirements.
  2. Import the Tanium modules and content packs that you will use: see Managing Tanium solutions.
  3. (Optional) Customize the Tanium Console and Interact. For example, you can customize the border color and logo in the Main menu, set your user preferences, and reorganize the Interact Home page. For details, see Customizing the Tanium Console and Interact.

  4. (Optional) Configure Tanium Core Platform settings such as Tanium Client subnets, proxy server settings, allowed URLs, and bandwidth throttling. For details, see Configuring the Tanium Core Platform.

  5. (Optional) Create custom content (such as packages and saved questions) to complement the Tanium-defined content that you import through Tanium modules and content packs. For details, see Content overview.
  6. (Optional) Configure sensors for automatic collection of results so that you can see stored results from endpoints that are offline when you issue questions: see Manage sensor results collection.
  7. Set up role-based access control (RBAC) to determine what users can see and do with the Tanium Core Platform. This involves configuring users, user groups, user roles, personas, computer groups, and content set permissions. For details, see RBAC overview.

Use Tanium Interact

The following are regular tasks that you perform after the initial setup of the Tanium Console and Interact:

  1. Issue dynamic questions to retrieve information about the endpoints in your network: see Asking questions.
  2. Analyze and manage question results. For example, you can drill down into the question results with additional questions, filter the Question Results grid, and export its content. For details, see Managing question results.
  3. Manage actions. For example, you can deploy ad-hoc actions or schedule recurring actions based on question results, and configure an action approval workflow. For details, see Tanium actions overview.
  4. Manage saved questions. For example, you can create saved questions, assign them to dashboards, assign the dashboards to categories, and assign saved questions to content sets based on RBAC requirements. For details, see Managing saved questions.