Trends requirements

Review the requirements before you install and use Trends.

Tanium dependencies

In addition to a license for Trends, make sure that your environment meets the following requirements.

Component	Requirement
Tanium™ Core Platform	7.3.314.4250 or later
Tanium™ Client	7.2 or later recommended
Tanium Content	The initial gallery uses sensors that are included in Tanium modules, the Core Content pack, and the Default Content pack. If this content is not present when you import the gallery, the corresponding sources, boards, panels, and sections are not created.
Tanium products	If you selected Install with Recommended Configurations when you installed Trends, the Tanium Server automatically installed all your licensed modules at the same time. Otherwise, you must manually install the modules that Trends requires to function, as described under Tanium Console User Guide: Manage Tanium modules. The following module is required to view charts: Tanium Interact 2.4.50 or later
License	Tanium Core Platform entitlement. Contact Tanium Support if Trends does not appear on the Tanium™ Console solutions page. For more information, see Contact Tanium Support.

Tanium™ Module Server

Trends installs and runs as a service on the Module Server. The impact on Module Server sizing is minimal and depends on usage. Consult with Tanium Support for details. For more information, see Contact Tanium Support.

Endpoints

Trends does not deploy packages to endpoints. For Tanium Client operating system support, see Tanium Client User Guide: Host system requirements.

Host and network security requirements

Specific ports and processes are needed to run Trends.

Ports

The following ports are required for Trends communication.

Source	Destination	Port	Protocol	Purpose
Module Server	Module Server (loopback)	17452	TCP	Internal purposes, not externally accessible
Module Server	Module Server (loopback)	17462	TCP	Internal purposes, not externally accessible

Configure firewall policies to open ports for Tanium traffic with TCP-based rules instead of application identity-based rules. For example, on a Palo Alto Networks firewall, configure the rules with service objects or service groups instead of application objects or application groups.

Security exclusions

If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference. For a list of all security exclusions to define across Tanium, see Tanium Core Platform Deployment Reference Guide: Host system security exclusions.

Table 1: Trends security exclusions
Target Device	Notes	Process
Module Server		<Tanium Module Server>\services\twsm-v1\twsm.exe
		<Tanium Module Server>\services\trends\node_modules\@tanium \postgresql\lib\win32\bin\postgres.exe
		<Tanium Module Server>\services\trends\node_modules\@tanium \postgresql\lib\win32\bin\pg_ctl.exe

No additional process exclusions are required.

User role requirements

The predefined roles are Trends Author, Trends Board Author, Trends Board Viewer, and Trends Operator, and Trends Service Account.

The predefined roles are Trends Administrator, Trends Author, Trends Board Author, Trends Source Author, Trends Board Viewer, Trends Operator, and Trends Service Account.

Table 2: Tanium Trends User Role Permissions
Permission	Trends Administrator	Trends Author	Trends Board Author	Trends Source Author¹	Trends Board Viewer	Trends Operator	Trends Service Account
Show Trends Access to the Trends workbench (built-in)
Trends API Board Read² View boards, sections, and panels for specified content sets	³
Trends API Board Write² Create, edit, delete, and configure boards, sections, and panels for specified content sets	³
Trends API Source Read² View and list sources for specified content sets	³
Trends API Source Write² Create, edit, and delete sources for specified content sets	³
Trends Administrator Unrestricted access to all Trends content, actions, and workbench
Trends Board Read (deprecated) View and list boards, sections, and panels In Trends 3.0 and later, use the Trends API Board Read, Show Trends, and Trends Data Read permissions instead	³
Trends Board Write (deprecated) Create, edit, delete, and configure boards, sections, and panels In Trends 3.0 and later, use the Trends API Board Write, Show Trends, and Trends Data Read permissions instead	³
Trends Data Read² Run data queries against sources	³
Trends Export⁴ Export boards and sources	³
Trends Import⁴ Import from file or gallery Does not grant access to create new or custom boards and sources	³
Trends Integration Service Account² Provides access for module service accounts to read and write data, and to define sources and boards	³
Trends Operator Read Saved Question View and list boards, sections, and panels in the Trends content sets
Trends Operator Settings Write Access to some module-level settings for Trends (excludes setting service credentials)
Trends Publish Generate and publish reports	³
Trends Service Account Provides access for the Trends service account to read and write data, and to define sources and boards	³
Trends Settings Write Access to module-level settings for Trends	³
Trends Source Read (deprecated) ⁵ View and list sources In Trends 3.0 and later, use the Trends API Source Read, Show Trends, and Trends Data Read permissions instead	³
Trends Source Write (deprecated)^4,5 Create, edit, and delete sources In Trends 3.0 and later, use the Trends API Source Write, Show Trends, and Trends Data Read permissions instead	³
Trends View Recent Results⁶ View recent saved question results on the panel page	³
¹ The Trends Source Author role is deprecated and not available in Trends 3.0 and later. Users that were created in earlier versions of Trends with the Trends Source Author role will retain the same permissions in Trends 3.0 and later. ² Denotes a permission that determines access to content sets. ³ Permission is implied by Trends Administrator permission. ⁴ Requires content set permissions for the sensors that Trends uses. ⁵ Module sources require administrator access. ⁶ Requires Read Sensor permission for the content set that contains the sensor used by a source. To view recent results for all sources, you need access to all content sets that contain sensors used by sources.

Table 3: Tanium Trends User Role Permissions
Permission	Trends Author	Trends Board Author	Trends Source Author	Trends Board Viewer	Trends Operator	Trends Service Account
Show Trends Access to the Trends workbench (built-in)
Trends API Board Read¹ View boards, sections, and panels for specified content sets
Trends API Board Write¹ Create, edit, delete, and configure boards, sections, and panels for specified content sets
Trends API Source Read¹ View and list sources for specified content sets
Trends API Source Write¹ Create, edit, and delete sources for specified content sets
Trends Board Read (deprecated) View and list boards, sections, and panels Use the Trends API Board Read, Show Trends, and Trends Data Read permissions instead
Trends Board Write (deprecated) Create, edit, delete, and configure boards, sections, and panels Use the Trends API Board Write, Show Trends, and Trends Data Read permissions instead
Trends Data Read¹ Run data queries against sources
Trends Export² Export boards and sources
Trends Import² Import from file or gallery Does not grant access to create new or custom boards and sources
Trends Integration Service Account¹ Provides access for module service accounts to read and write data, and to define sources and boards
Trends Operator Read Saved Question View and list boards, sections, and panels in the Trends content sets
Trends Operator Settings Write Access to some module-level settings for Trends (excludes setting service credentials)
Trends Publish Generate and publish reports
Trends Service Account Provides access for the Trends service account to read and write data, and to define sources and boards
Trends Settings Write Access to module-level settings for Trends
Trends Source Read (deprecated) View and list sources Use the Trends API Source Read, Show Trends, and Trends Data Read permissions instead
Trends Source Write (deprecated) Create, edit, and delete sources Use the Trends API Source Write, Show Trends, and Trends Data Read permissions instead
Trends View Recent Results³ View recent saved question results on the panel page
¹ Denotes a permission that determines access to content sets. ² Requires content set permissions for the sensors that Trends uses. ³ Requires Read Sensor permission for the content set that contains the sensor used by a source. To view recent results for all sources, you need access to all content sets that contain sensors used by sources.

Content sets

In Trends 3.x and later, all boards, sources, and saved questions must be assigned to a content set. The following table shows the predefined content sets. You can create your own content sets in addition to these content sets.

Table 4: Tanium Trends Content Sets
Content set	Description	Predefined roles with access
Trends	Default content set for Trends boards, sources, and saved questions.	Trends Administrator¹ Trends Author Trends Board Author Trends Board Viewer Trends Operator Trends Service Account²
Trends Unassigned Content	Trends boards, sources, and saved questions whose content set is deleted. Read-only.	Trends Administrator Trends Operator Trends Service Account
Trends Service	Trends internal service content. Read-only.	Trends Administrator Trends Operator Trends Service Account
¹ Users with the Trends Administrator role can access Trends boards and sources in any content set, but can only access Trends saved questions in the prebuilt content sets (Trends, Trends Service, and Trends Unassigned Content). ² The Trends Service Account role has Write Saved Question permission and Read Sensor permission on all content sets.