SV-81591r1_rule
V-67101
SRG-APP-000358
TANS-SV-000029
CAT II
10
Using a web browser on a system that has connectivity to the Tanium Server, access the Tanium Server web user interface (UI) and log on with CAC.
Click on "Administration".
Select the "Connect" tab.
Click on "Connector Templates".
Choose and configure a template for a SIEM located at the site.
Using a web browser on a system that has connectivity to the Tanium Server, access the Tanium Server web user interface (UI) and log on with CAC.
Click on "Administration".
Select the "Connect" tab.
Click on "Configured Connectors".
Review for any configured "ArcSight", “McAfee SIEM", "SIEM", "Splunk" or "LogRhythm" connectors.
If SIEM connectors are not configured for send log data to offline log collection, this is a finding.
V-67101
False
TANS-SV-000029
Using a web browser on a system that has connectivity to the Tanium Server, access the Tanium Server web user interface (UI) and log on with CAC.
Click on "Administration".
Select the "Connect" tab.
Click on "Configured Connectors".
Review for any configured "ArcSight", “McAfee SIEM", "SIEM", "Splunk" or "LogRhythm" connectors.
If SIEM connectors are not configured for send log data to offline log collection, this is a finding.
M
2965