Tanium Logs

Overview

Evidence: Tanium Logs Description: Collect Tanium Logs Category: Applications Platform: windows Short Name: tnml Is Parsed: No Sent to Investigation Hub: No Collect File(s): Yes

Background

Tanium is an enterprise endpoint management and security platform that provides real-time visibility and control. The monitor.db database contains endpoint monitoring data, system state information, and client activity logs.

Data Collected

This collector gathers structured data about tanium logs.

Collection Method

This collector gathers the Tanium Client monitor database from Program Files, which contains comprehensive endpoint monitoring and management data.

Forensic Value

Tanium's monitor database provides critical endpoint visibility including system inventory, deployed software, running processes, and security posture. It's valuable for investigating endpoint activities and understanding enterprise security state.

PreviousSystem Restore Points Information NextTCP Table

Last updated 3 days ago

Was this helpful?