# Tanium
## About
The Tanium context integration provides enriched asset context to Netography Fusion from Tanium. It connects to the Tanium GraphQL API to retrieve asset information and then adds Context Labels to the Netography Fusion.
{% hint style="info" %}
**☁️NetoFuse Modules: Cloud deployment vs. on-prem deployment**
This page documents how to add and configure the context integration in the Netography Fusion Portal. This will make a direct connection from the Netography Fusion SaaS in the cloud to the vendor API. If you prefer to deploy the integration within your own environment (on-prem or in your own cloud) with a container or Python package, go to the module documentation in [NetoFuse Modules](broken://pages/6i3otB8UAClHx08Umd0Y).
{% endhint %}
## Adding a Context Integration
In the Netography Fusion Portal:
1. Select **Settings** at the bottom of the left-hand navigation menu
2. Select **Context Integrations** in the **Data Management** section.
3. Select the **Add Integration** button.
4. Select a context integration from the list provided.
5. Follow the configuration steps in the documentation for the context integration you selected.
## Configuring
| Field | Required | Description |
| ------- | -------- | --------------------------------- |
| API Key | Yes | API key for Tanium authentication |
| URL | Yes | Tanium server address |
{% hint style="danger" %}
**❗️The Tanium URL must be accessible from the Netography SaaS for cloud deployment of this context integration**
If your Tanium server is not accessible from external IPs, and you can not or do not want to allow external access to it from the Netography cloud, you need to deploy NetoFuse on-prem for this integration. See [About NetoFuse](/netofuse/about.md) for more details on how to deploy on-prem.
If you will be updating network firewall rules to allow this connectivity, the IP(s) that will be used to connect to Tanium from Netography can be found in the Fusion Portal under Settings > Overview in the *System Allow Lists* section under the *Integrations* label.
{% endhint %}
### Advanced Configuration Options
The following configuration options are available for the module.
| Field | Required | Description |
| ------- | -------- | --------------------------------- |
| API Key | Yes | API key for Tanium authentication |
| URL | Yes | Tanium server address |
#### Methods to gather data from Tanium
The `tanium`module supports 4 different methods for gathering data from Tanium. The best method to use depends on your Tanium deployment and the data you wish to retrieve, and determining this is best done in collaboration with a Tanium subject matter expert within your organization and by using the Tanium API documentation.
#### Fields to retrieve from Tanium
The `fields` configuration option defines what fields are retrieved from the Tanium API. This set of fields can then be used by the transform you define.
If you are using methods `ASSET`, `TDS`, or `TS`, the `fields` value represents a list of fields to retrieve from the GraphQL endpoint. The available field options can be retrieved through the Tanium GraphQL Schema or by navigating to the API Gateway GraphQL Playground in the Tanium console.
If you are using method `ADHOC`, the `fields` value represents a list of sensors you want to retrieve from endpoints. The Sensor name is used and can be retrieved from the sensors page in the Tanium UI.
The default configuration uses the `ASSET` method and this `fields` configuration:
`["computerId","computerName","createdAt","eid","id","ipAddress","manufacturer","operatingSystem","osPlatform","serialNumber","servicePack","userName","updatedAt"]`
If you are using the `TDS`, `TS`, or `ADHOC`methods, you will need to update the `fields` configuration.
Example `fields` configuration for `ADHOC`method:
`["Computer Name", "IP Address", "OS Platform", "OS Name", "OS Generation", "OS Version", "Serial Number", "Service Pack", "User Name", "Last Logged In User"]`
Example`fields` configuration for `TDS`, and `TS` methods:
`["ipAddress", "computerID", "serialNumber", "name", "os{name,platform,generation}","primaryUser{name,email}","lastLoggedInUser"]`
### Transform
The **Advanced** section of the context integration contains the *Transform* field. This field allows you to add, remove, or change the mapping of fields returned by the vendor API to Netography Fusion context labels.
See the [Context Transforms](/netofuse/context-transforms.md) documentation section for more instructions on editing this field.
It may be helpful to first configure all the parameters and the transform field with a [NetoFuse](/netofuse/about.md) container on your local system and then copy those fields into the Portal once you have validated that everything is configured properly.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.fusion.vectra.ai/enrich-traffic-with-context/configure-context-integrations/tanium-context.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.