All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Tanium app inputs

ccsfdave
Builder
‎07-30-2019 09:57 AM

I have a bunch of inputs that the tanium SME wants pulled into Splunk. I can’t find documentation on the app and whether it is looking for different sourcetypes etc. Is there a best practice on organizing the data coming in?
example:

Tanium App/DB Appliance: (update)
Tanium Module Appliance: (tanmod)
Tanium Deploy Fileserver (tanfile)
Tanium DMZ Appliance (tanzonea)

BTW if anyone comments, the above is coming into a HWF via UDP 514. We also have a HEC 8002 for other Tanium data coming in

0 Karma
Reply
Get Updates on the Splunk Community!

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

At this year’s Splunk University, I had the privilege of chatting with Devesh Logendran, one of the winners in ...

There's No Place Like Chrome and the Splunk Platform

WATCH NOW!Malware. Risky Extensions. Data Exfiltration. End-users are increasingly reliant on browsers to ...

Customer Experience | Join the Customer Advisory Board!

Are you ready to take your Splunk journey to the next level? 🚀 We invite you to join our elite squad ...