Service Graph Connector for Tanium

Release version: Yokohama

Updated July 31, 2025

3 minutes to read

Summarize

Summarized using AI

Summary of Service Graph Connector for Tanium

The Service Graph Connector for Tanium enables ServiceNow customers to import hardware, software, and software usage data from their Tanium environment directly into their ServiceNow instance. This integration supports efficient Configuration Management Database (CMDB) updates to enhance visibility and control over IT assets.

Show full answer Show less

Supported Versions and Upgrade Guidance

Supports Tanium versions 1.9+ for hardware and software data, and 1.17+ for software usage data.
Compatible with ServiceNow releases Washington DC, Xanadu, and Yokohama.
For Tanium Platform 7.6.2 and later, only token-based authorization is supported. Customers must reconfigure existing connections from basic to token-based authentication and recreate scheduled jobs if managing multiple instances.

Configuration

Customers configure and manage the connector via the SGC Central view within the Service Graph Workspace or CMDB Workspace. This centralized interface supports installation, discovery, lifecycle management, and troubleshooting of Tanium connections. The previously available guided setup method is deprecated in favor of this approach.

Monitoring Integrations

The Integration Commons for CMDB store app provides a dashboard that centralizes the status, processing results, and errors for all CMDB integrations, including Tanium. It allows filtering by integration, time frame, or specific runs, helping customers monitor data import health and performance.

Data Mapping and Processing

Tanium data sources are processed through the Robust Transform Engine (RTE) and loaded into the ServiceNow CMDB using the Identification and Reconciliation Engine (IRE).
Data types imported include applications, running processes, hardware, software, server and software installations, software usage (if Software Asset Management Professional plugin is activated), and removal records.
Software removal processes include a configurable buffer period based on hardware scan times to prevent premature deletion of software records.

Key Practical Takeaways for ServiceNow Customers

Ensure Tanium platform and ServiceNow versions meet compatibility requirements before installation.
Transition to token-based authorization for secure and supported connectivity, especially when upgrading to Tanium Platform 7.6.2 or newer.
Use the SGC Central view for streamlined connector management and avoid deprecated configuration methods.
Leverage the CMDB integrations dashboard for comprehensive monitoring and troubleshooting of Tanium data imports.
Activate the Software Asset Management Professional plugin to enable software usage data imports.
Configure the software removal buffer property to align software deletion timing with hardware scan data, minimizing data integrity risks.

Use the Service Graph Connector for Tanium to bring in hardware, software, and software usage data from a Tanium environment into your ServiceNow instance.

Request apps on the Store

Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

Supported versions

Table 1. Versions
Tanium	ServiceNow
Tanium 1.9 or later versions for hardware and software Tanium 1.17 or later versions for software usage	Washington DC Xanadu Yokohama

Important information for upgrading Service Graph Connector for Tanium

Tanium Platform 7.6.2 or later versions support token-based authorization only. After you have installed the latest version of the Service Graph Connector for Tanium, verify the following configurations to use Tanium Platform 7.6.2 or later versions in your on-premise setups:

For a single instance, reconfigure the authentication type of an existing connection to use token-based authorization.
For multiple instances, deactivate the existing scheduled jobs for previously configured instances that used basic authorization, and then create and configure new instances to use token-based authorization.

Configuring a connection

Use the SGC Central view in the Service Graph Workspace or CMDB Workspace to install the connector and configure the connection. The view enables you to install and discover connectors and to manage the full life cycle of creating, editing, monitoring, and debugging connections. For instructions, see Configure Service Graph Connector for Tanium using SGC Central.

Important:

Unless there are configuration issues, use SGC Central to configure the connection. The guided setup method for configuration is being deprecated.

CMDB integrations dashboard

The Integration Commons for CMDB store app provides a dashboard with a central view of the status, processing results, and processing errors of all installed integrations. You can see metrics for all integration runs. You can filter the view to a specific CMDB integration, a specific time duration, or a specific integration run. For more details about monitoring Tanium integrations in the CMDB Integrations Dashboard, see Using the CMDB Integrations Dashboard.

Data mapping

Data from the Tanium data sources is mapped and transformed into the ServiceNow CMDB Configuration Item (CI) class definitions using the Robust Transform Engine (RTE). Data is inserted into the ServiceNow CMDB using the Identification and Reconciliation Engine (IRE).

The following table describes the data sources, the staging tables, and the target tables including CMDB CI and non-CMDB CI classes for the Tanium application.

Table 2. Data mapping for Tanium
Data source	Staging table	Target tables	Resource types
SG-Tanium Applications	SG-Tanium Applications [sn_tanium_integ_sg_tanium_applications]	Application Running Process TCP	Applications
SG-Tanium Hardware and Software	SG Tanium Import [sn_tanium_integ_sg_tanium_import]	Computer File System Disk IP Address When the Software Asset Management (SAM) application isn't installed: Software Software Instance When the SAM application is installed: Software Installation	Server and software
SG-Tanium Usage	SG Tanium Usage Import [sn_tanium_integ_sg_tanium_usage_import]	Software Usage [samp_sw_usage]	None
SG-Tanium Remove Software	Integration Commons Remove Record [sn_cmdb_int_util_remove_record]	None	None

Note:

The SG-Tanium Usage data source is available only when the Software Asset Management Professional plugin (com.snc.samp) plugin is activated on your ServiceNow instance. See Request Software Asset Management.
The SG-Tanium Remove Software data source creates import sets and uses the transform map-based method for removing any target records for software data that weren't updated in the last delta query check. See Managing CMDB data deletion.
Starting with the Service Graph Connector for Tanium 1.8.0 release, a buffer time is added for software removal when the buffer_days_from_last_scan_for_hardware system property is enabled. When this system property is enabled, the software removal candidate is removed only if the last scan time of the hardware on which the software removal candidate is installed is earlier than the last success import time + buffer time. To enable this property, set the value of the buffer_days_from_last_scan_for_hardware system property to a non-zero numeral value according to the number of days of buffer that you require. To disable this property, set the value to 0.

You can use the IntegrationHub ETL app to view the data maps. See IntegrationHub ETL for more information.

Additional resource

How do I configure the Tanium Service Graph Connector? article on the ServiceNow Community site