Tanium
Overview
Tanium solutions manage and protect networks and endpoints.
Event Categories
The following table lists the data sources offered by this integration.
Data Source | Description |
---|---|
Binary file metadata | to be defined |
Disk forensics | to be defined |
File monitoring | to be defined |
Host network interface | to be defined |
Kernel drivers | to be defined |
Loaded DLLs | to be defined |
Named Pipes | to be defined |
PowerShell logs | to be defined |
Process command-line parameters | to be defined |
Process monitoring | to be defined |
Process use of network | to be defined |
Services | to be defined |
Windows event logs | to be defined |
Windows Registry | Registry auditing events are examined in detail |
WMI Objects | Windows WMI Activity events are analyzed, as well as events related to WMI processes |
Configure
Tanium logs can be collected in rsyslog format and then forwarded to Sekoia.io. Refer to the official Tanium documentation to forward your logs in rsyslog format, and consult the Rsyslog Transport documentation to forward these logs to Sekoia.io.