Trends requirements

Review the requirements before you install and use Trends.

Core platform dependencies

Make sure that your environment meets the following requirements:

  • Tanium™ Core Platform 7.4.3.1204 or later

Solution dependencies

Other Tanium solutions are required for Trends to function (required dependencies) or for specific Trends features to work (feature-specific dependencies). The installation method that you select determines if the Tanium Server automatically imports dependencies or if you must manually import them.

Some Trends dependencies have their own dependencies, which you can see by clicking the links in the lists of Required dependencies and Feature-specific dependencies. Note that the links open the user guides for the latest version of each solution, not necessarily the minimum version that Trends requires.

Tanium recommended installation

If you select Tanium Recommended Installation when you import Trends, the Tanium Server automatically imports all your licensed solutions at the same time. See Tanium Console User Guide: Import all modules and services.

Import specific solutions

If you select only Trends to import, you must manually import dependencies. See Tanium Console User Guide: Import, re-import, or update specific solutions.

Required dependencies

Trends has the following required dependencies at the specified minimum versions:

  • Tanium™ Interact 2.4.50 or later
  • Tanium™ RDB 1.0.148 or later
  • Tanium™ System User service 1.0.77 or later

Feature-specific dependencies

Trends has the following feature-specific dependencies:

  • The initial gallery uses sensors that are included in Tanium solutions, the Core Content pack, and the Default Content pack. If this content is not present when you import the gallery, the corresponding sources, boards, panels, and sections are not created.

Tanium™ Module Server

Trends installs and runs as a service on the Module Server. The impact on Module Server sizing is minimal and depends on usage. Consult with Tanium Support for details.

Endpoints

Trends does not deploy packages to endpoints. For Tanium Client operating system support, see Tanium Client Management User Guide: Client version and host system requirements.

Host and network security requirements

Specific ports and processes are needed to run Trends.

Ports

The following ports are required for Trends communication.

Source Destination Port Protocol Purpose
Module Server Module Server (loopback) 17452 TCP Internal purposes, not externally accessible
Module Server (loopback) 17462 TCP Internal purposes, not externally accessible

Configure firewall policies to open ports for Tanium traffic with TCP-based rules instead of application identity-based rules. For example, on a Palo Alto Networks firewall, configure the rules with service objects or service groups instead of application objects or application groups.

For Tanium Cloud ports, see Tanium Cloud Deployment Guide: Host and network security requirements.

Security exclusions

If security software is in use in the environment to monitor and block unknown host system processes, Tanium recommends that a security administrator create exclusions to allow the Tanium processes to run without interference. The configuration of these exclusions varies depending on AV software. For a list of all security exclusions to define across Tanium, see Tanium Core Platform Deployment Reference Guide: Host system security exclusions.

Trends security exclusions
Target Device Notes Exclusion Type Exclusion
Module Server   Process <Module Server>\services\twsm-v1\twsm.exe
  Process <Module Server>\services\trends\node_modules\@tanium
\postgresql\lib\win32\bin\postgres.exe
  Process <Module Server>\services\trends\node_modules\@tanium
\postgresql\lib\win32\bin\pg_ctl.exe

No additional process exclusions are required.

User role requirements

The following tables list the role permissions required to use Trends. To review a summary of the predefined roles, see Set up Trends users.

Trends user role permissions
Permission Trends Administrator1 Trends Author1 Trends Board Author Trends Board Viewer Trends Operator1 Trends Service Account1,2,3,4 Trends Service Account - All Content Sets1,4

Trends 5

SHOW: Access to the Trends workbench.

EXPORT: Export boards and sources.

IMPORT: Import from file or gallery. Does not grant access to create new or custom boards and sources.

PUBLISH: Generate and publish reports.
SHOW
SHOW
EXPORT
IMPORT
PUBLISH
SHOW
PUBLISH
SHOW
SHOW
EXPORT
IMPORT
PUBLISH
SHOW
IMPORT

Trends Administrator

Unrestricted access to all Trends content, actions, and workbench
ADMINISTER
ADMINISTER

Trends API Board6

View, create, edit, or delete boards, sections, and panels for specified content sets
READ
WRITE
READ
WRITE
READ
READ
WRITE
READ
WRITE

Trends API Source6

View, create, edit, or delete sources for specified content sets
READ
WRITE
READ
READ
WRITE
READ
WRITE

Trends Board (deprecated)

View, create, edit, or delete boards, sections, and panels

In Trends 3.0 and later, use the Trends API Board, Trends show, and Trends Data permissions instead
READ
WRITE
READ
WRITE
READ

Trends Data6

Run data queries against sources
READ
READ
READ
READ
READ

Trends Integration Service Account6

Provides access for module service accounts to read and write data, and to define sources and boards
EXECUTE

Trends Operator Read Saved

View and list boards, sections, and panels in the Trends content sets
QUESTION

Trends Operator Settings

Access to some module-level settings for Trends (excludes setting service credentials)
WRITE

Trends Service Account

Provides access for the Trends service account to read and write data, and to define sources and boards
EXECUTE

Trends Settings

Access to module-level settings for Trends

Trends Source (deprecated) 5,7

View, create, edit, or delete sources

In Trends 3.0 and later, use the Trends API Source, Trends show, and Trends Data permissions instead
READ
WRITE
READ

Trends View Recent8

View recent saved question results on the panel page
RESULTS
RESULTS
RESULTS
RESULTS

1 This role provides module permissions for Tanium Interact. You can view which Interact permissions are granted to this role in the Tanium Console. For more information, see Tanium Interact User Guide: User role requirements.

2 This role provides module permissions for Tanium RDB. You can view which RDB permissions are granted to this role in the Tanium Console.

3 This role provides module permissions for Tanium Connect. You can view which Connect permissions are granted to this role in the Tanium Console. For more information, see Tanium Connect User Guide: User role requirements.

4 Do not assign the Trends Service Account and Trends Service Account - All Content Sets roles to users. These roles are for internal purposes only.

5 Requires content set permissions for the sensors that Trends uses.

6 Denotes a permission that determines access to content sets.

7 Module sources require administrator access.

8 Requires Sensor read permission for the content set that contains the sensor used by a source. To view recent results for all sources, you need access to all content sets that contain sensors used by sources.
Trends user role permissions
Permission Trends Author1 Trends Board Author Trends Board Viewer Trends Operator1

Trends 2

SHOW: Access to the Trends workbench.

EXPORT: Export boards and sources.

IMPORT: Import from file or gallery. Does not grant access to create new or custom boards and sources.

PUBLISH: Generate and publish reports.
SHOW
EXPORT
IMPORT
PUBLISH
SHOW
PUBLISH
SHOW
SHOW
EXPORT
IMPORT
PUBLISH

Trends API Board 3

READ: View boards, sections, and panels for specified content sets

WRITE: Create, edit, delete, and configure boards, sections, and panels for specified content sets
READ
WRITE
READ
WRITE
READ
READ
WRITE

Trends API Source3

READ: View and list sources for specified content sets

WRITE: Create, edit, and delete sources for specified content sets
READ
WRITE
READ
READ
WRITE

Trends Board (deprecated)

View, create, edit, or delete boards, sections, and panels

Use the Trends API Board, Trends show, and Trends Data permissions instead.
READ
WRITE
READ
WRITE
READ

Trends Data3

Run data queries against sources
READ
READ
READ
READ

Trends Operator Read Saved

View and list boards, sections, and panels in the Trends content sets
QUESTION

Trends Operator Settings

Access to some module-level settings for Trends (excludes setting service credentials)
WRITE

Trends Source (deprecated)2,4

View, create, edit, or delete sources

Use the Trends API Source, Trends show, and Trends Data permissions instead.
READ
WRITE
READ

Trends View Recent 5

View recent saved question results on the panel page
RESULTS
RESULTS
RESULTS
RESULTS

1 This role provides module permissions for Tanium Interact. You can view which Interact permissions are granted to this role in the Tanium Console. For more information, see Tanium Interact User Guide: User role requirements.

2 Requires content set permissions for the sensors that Trends uses.

3 Denotes a permission that determines access to content sets.

4 Module sources require administrator access.

5 Requires Sensor read permission for the content set that contains the sensor used by a source. To view recent results for all sources, you need access to all content sets that contain sensors used by sources.


Provided Trends administration and platform content permissions
Permission Permission Type Trends Administrator Trends Author Trends Board Author Trends Board Viewer Trends Operator Trends Service Account Trends Service Account - All Content Sets
Client Status Administration
READ
Computer Group Administration
READ
READ
READ
Server Status Administration
READ
Plugin Platform Content
READ
EXECUTE
READ
EXECUTE
READ
EXECUTE
READ
EXECUTE
READ
EXECUTE
READ
EXECUTE
Saved Question Platform Content
READ
READ
READ
READ
READ
READ
READ
WRITE
Sensor Platform Content
READ
READ

You can view which content sets are granted to any role in the Tanium Console.
Provided Trends administration and platform content permissions
Permission Permission Type Trends Author Trends Board Author Trends Board Viewer Trends Operator
Client Status Administration
Computer Group Administration
READ
Server Status Administration
Plugin Platform Content
READ
EXECUTE
READ
EXECUTE
READ
EXECUTE
READ
EXECUTE
Saved Question Platform Content
READ
READ
READ
READ
Sensor Platform Content

You can view which content sets are granted to any role in the Tanium Console.

Content sets

In Trends 3.x and later, all All boards, sources, and saved questions must be assigned to a content set. The following table shows the predefined content sets. You can create your own content sets in addition to these content sets.

Trends content sets
Content set Description Predefined roles with access
Trends Default content set for Trends boards, sources, and saved questions.
  • Trends Administrator1
  • Trends Author
  • Trends Board Author
  • Trends Board Viewer
  • Trends Operator
  • Trends Service Account2
Trends Unassigned Content Trends boards, sources, and saved questions whose content set is deleted. Read-only.
  • Trends Administrator
  • Trends Operator
  • Trends Service Account
Trends Service Trends internal service content. Read-only.
  • Trends Administrator
  • Trends Operator
  • Trends Service Account

1 Users with the Trends Administrator role can access Trends boards and sources in any content set, but can only access Trends saved questions in the prebuilt content sets (Trends, Trends Service, and Trends Unassigned Content).

2 The Trends Service Account role has Saved Question write permission and Sensor read permission on all content sets.