Tanium Investigate: Get to root cause faster - Tanium Tech Talks #73
Get to root cause faster by correlating artifacts across endpoints and team members using Tanium's new Investigate module.
RESOURCES
Docs
https://docs.tanium.com/investigate/investigate/index.html
Community Announcement
https://community.tanium.com/s/article/Introducing-Tanium-Investigate
Release Notes
https://kb.tanium.com/Category:Tanium_Investigate
Tuning Tanium free webinar series
https://community.tanium.com/s/tuning-tanium
CHAPTERS
00:00 Intro
01:15 Meet Josh
01:50 What is Investigate?
04:20 Problems We're Solving
06:58 ServiceNow Integration
08:00 Performance Timeline
09:30 DEMO: Investigate Performance Events
13:53 Windows Event Log IDs
16:45 DEMO: Create an Investigation
19:28 DEMO: Adding Comments, Assignment, Priority
20:40 DEMO: Module Homepage
22:28 Supported Modules
24:05 DEMO: Remote Management, Live Resources
25:45 Windows, MacOS, Linux
26:30 DEMO: Live File Browse, Tail, Delete
28:54 Upcoming Capabilities
31:27 How do I get it?
32:25 Wrap Up & Resources
#informationtechnology #informationsecurity #MTTR #MeanTimeToResolution #troubleshooting #rootcause