Reporting overview
Use Tanium™ Reporting to explore real-time visualizations of your endpoint data, create custom reports and charts from the data, and export data to share with key stakeholders.
Features include:
- Explore data across Tanium modules
- Create custom reports with data that you select
- Build dashboards of charts from reports to quickly visualize the data
- Filter data directly in the reports and dashboards
- Revisit reports and dashboards to see updated data
- Share reports and dashboards with others
Explore data
Tanium Reporting contains an Explore Data page that you can use to view available endpoint data in a table format, and then save as a custom report.
In the Source Data section, select specific data to show in a table.
You can then add filters to limit the data.
When finished, you can save the report to view later with updated data.
For information about how to use the Explore Data page to create reports, see Working with reports.
Data sources
Data sources provide data that you can use to build reports and, consequently, dashboards. Reporting uses data that is stored in Tanium Data Service, which is included with Tanium Interact
|
After installation completes, Tanium Data Service automatically registers multiple sensors on the Tanium Server. |
|
Users and other Tanium solutions can register sensors with Tanium Data Service. |
|
A user opens a report in Reporting. |
|
Reporting retrieves the report data from Tanium Data Service. |
|
|
Tanium Data Service automatically registers multiple sensors for collection. Users and other Tanium solutions can register sensors with Tanium Data Service. |
|
|
A user opens a report in Reporting. |
|
|
Reporting retrieves the latest report data from Tanium Data Service. |
Tanium Data Service
Tanium Data Service stores sensor results for endpoints when you issue a question. After you register sensors for collection, the service queries all managed endpoints to collect the results of those sensors and stores the data. To keep the results current, Tanium Data Service periodically reissues questions that contain the registered sensors.
Data is added to Tanium Data Service through the following methods:
Preregistered sensors
Tanium Data Service automatically registers certain sensors for collection. For example, the service automatically registers sensors that identify endpoints or define membership in computer management groups.
Sensors registered by Tanium solutions
Tanium solutions, including Reporting, register sensors with Tanium Data Service.
Virtual sensors
Tanium solutions can send endpoint data directly to Tanium Data Service without the need for a sensor. The data is then available to use through Tanium Data Service and Reporting. This concept is called virtual sensors; a virtual sensor extrapolates endpoint data from known data and other sensors. Examples in Reporting include the Tanium > EID Last Seen and Miscellaneous > Risk Vectors > Asset Criticality data sources.
User-registered sensors
You can register sensors to use in reports. When you decide which sensors to register, consider that results collection consumes resources such as network bandwidth, processing on endpoints, and disk space
- For information about how to register sensors, see Tanium Console User Guide: Manage sensor results collection.
- For required permissions to register sensors, see Tanium Interact User Guide: User role requirements.
Certain sensors, such as sensors that provide duplicate data, are intentionally unavailable in Reporting, even if you register the sensors in Tanium Data Service. For a list of unavailable sensors, see Unable to view or select content.
Reports
You can use Reporting to create and view reports with data that is collected by Tanium Data Service. Select the data that you want to include in the reports, and then add filters to limit the data in the report to endpoints in specific management groups or endpoints with specific operating systems.
Tanium managed reports
Reporting contains predefined reports that you can use in your environment. The predefined reports, or Tanium Managed reports, are managed by Tanium and cannot be edited or deleted. However, you can assign reports to a different content set to limit access, and you can copy a report and edit the new report.
To view Tanium-managed reports in the Tanium™ Console, go to Data > Reports and select Tanium Managed for the Author filter.
The Tanium Managed reports use data supplied by content packs and Tanium solutions. To access all content in the Tanium Managed reports, make sure to install all feature-specific dependencies. For information, see Solution dependencies.
Flattened data
Reporting flattens data that appears in reports and on the Explore Data page. Flattening data reduces the number of rows in the report. In an unflattened table, each cell in the table contains one value. With flattening, you can select a column on which to flatten to consolidate data and reduce the number of rows. For example, consider a table that contains a column for Installed Applications and a column for Computer Name. The Installed Applications source can return multiple applications for each endpoint. If you flatten the table by Computer Name, each row contains the computer name of the endpoint with all its installed applications.
Reports are flattened by data from a single source; if multiple columns are provided by the same data source, then the report is flattened by all column data provided by the source. By default, a report is flattened by the first column that you add to the report, but only if the column can contain multiple values in each row. If a column has only one value in each row, no flattening is needed and the flatten icon does not appear for that column. You can change the column on which to flatten results.
Example tablesCharts
In Reporting, you can add charts to dashboards, and you can add a chart to each report through the Add Visualization feature. Charts are built on report data. You can also customize the chart type, date range, color scheme, and more.
On dashboards, charts are contained in panels. The panels on Tanium™ Trends boards are similar to the panels on dashboards in Reporting.
- For information about how to use charts in a dashboard, see Working with dashboards.
- For information about how to add a chart to a report, see Working with reports.
- For information about chart types, see Reference: Chart options in Reporting.
Dashboards
In Reporting, a dashboard organizes a collection of panels. In addition to panels, you can add collapsible sections to dashboards to further organize panels.
Tanium managed dashboards
Reporting contains predefined dashboards that you can use in your environment. The predefined dashboards, or Tanium Managed dashboards, are managed by Tanium and cannot be edited. However, you can assign dashboards to a different content set to limit access, and you can copy a dashboard and edit the new dashboard.
Tanium-managed dashboards include:
- Asset Discovery and Inventory
- Endpoint Management
- Risk and Compliance
To view Tanium-managed dashboards in the Tanium™ Console, go to Data > Dashboards and select Tanium Managed for the Author filter.
The Tanium-managed dashboards use data supplied by content packs and Tanium solutions. To access all content in the Tanium-managed dashboards, make sure to install all feature-specific dependencies. For information, see Solution dependencies.
For information about dashboards, see Working with dashboards.
Integration with other Tanium products
Reporting has built in integration with other Tanium solutions for additional reporting of related data.
Connect
Configure a Tanium™ Connect destination to export reports outside of Tanium. For more information, see Export reports through Tanium Connect.
Interact
Reporting uses data that is stored in the Tanium Data Service, which is included with Tanium Interact. For information, see Data sources.
Last updated: 9/22/2022 2:31 PM | Feedback