Difference between revisions of "Tanium Custom Sensors"
From RiceFamily Wiki
| (One intermediate revision by the same user not shown) | |||
| Line 7: | Line 7: | ||
= Links = | = Links = | ||
* [https://community.tanium.com/s/question/0D57V00007M5Y4uSAF/tanium-sensor-and-python-development-environment Tanium sensor and Python development environment] - Tanium Discussion Boards | * [https://community.tanium.com/s/question/0D57V00007M5Y4uSAF/tanium-sensor-and-python-development-environment Tanium sensor and Python development environment] - Tanium Discussion Boards | ||
| + | * [https://www.youtube.com/watch?v=s4cEPzDWts4 Go-Tanium Tech Talks | Episode 21: "KISS: Keep It Simple Sensor"] | ||
----- | ----- | ||
| Line 15: | Line 16: | ||
Current release of Python used in Tanium : 3.1.2 | Current release of Python used in Tanium : 3.1.2 | ||
| + | |||
| + | |||
| + | "exec" "env" "TANIUM_SENSOR=1" "'pwd'/'if [ -f TPython ]; then echo TPython/TPython; else echo python27/python; fi'" "$0" "$@" | ||
| + | inport tanium | ||
| + | import tanium.host | ||
| + | |||
| + | SENSOR_DELIMITER = '|' | ||
| + | |||
| + | def do_stuff(): | ||
| + | comp_name = tanium.host.get_hostname() | ||
| + | answer = "{hello}{sep}{name}.format(hello="Hello", sep=SENSOR_DELIMETER, name=comp_name) | ||
| + | tanium.results.add(answer) | ||
| + | |||
| + | try: | ||
| + | do_stuff() | ||
| + | except Exception as e: | ||
| + | tanium.results.add("Error executing sensor: {}".format(e)) | ||
Latest revision as of 04:57, 10 May 2025
Tanium Sensors are how we pull data back about Endpoints.
They can be written with VBS, PowerShell or Python.
Python works on both Windows, Linux, and Mac so it is the preferred method of writing Custom Sensors.
Links
- Tanium sensor and Python development environment - Tanium Discussion Boards
- Go-Tanium Tech Talks | Episode 21: "KISS: Keep It Simple Sensor"
Python Executable path : C:\Program Files (x86)\Tanium\Tanium Client\TPython312\TPython.bat
Python Executables : ``C:\Program Files (x86)\Tanium\Tanium Client\python312``
Current release of Python used in Tanium : 3.1.2
"exec" "env" "TANIUM_SENSOR=1" "'pwd'/'if [ -f TPython ]; then echo TPython/TPython; else echo python27/python; fi'" "$0" "$@"
inport tanium
import tanium.host
SENSOR_DELIMITER = '|'
def do_stuff():
comp_name = tanium.host.get_hostname()
answer = "{hello}{sep}{name}.format(hello="Hello", sep=SENSOR_DELIMETER, name=comp_name)
tanium.results.add(answer)
try:
do_stuff()
except Exception as e:
tanium.results.add("Error executing sensor: {}".format(e))
