Brief Chat About TanREST

It seems like it would be a good idea to speak briefly about TanREST since my initial posts jumped right into advanced topics with the assumption that all three of you would already be familiar with the software.

Since the entire premise of this post is to correct assumptions made previously, I will not compound that sin by assuming that you are intimately familiar with PowerShell. It’s hard to imagine that many Windows administrators haven’t at least heard about PowerShell by this point but I do know that many of you still haven’t embraced the product in your day-to-day lives yet. As such, I wanted to cover some high-level concepts pertaining to PowerShell so that you’ll better understand how transformative TanREST is.

What is PowerShell

  • PowerShell is an object-oriented, cross-platform command-line shell and configuration framework built on top of the .NET and .NET Core frameworks. It is available on Windows, Linux, and macOS.
  • PowerShell leverages ‘cmdlets’, which are purpose-built .NET classes with very specific functionality.
  • Cmdlets use a Verb-Noun structure to indicate the operation (e.g., Get-Process, where ‘Get’ indicates the acquisition of something and ‘Process’ indicates the data you’re seeking).
  • Advanced scripts known as functions can be written to emulate the look and feel of native cmdlets, allowing for functionality like parameters, parameter sets, input validation, and the like.
  • Scripts can be composed of many different invocations of cmdlets, and modules can be created as an amalgamation of scripts or functions.

Again, this is a high-level overview of PowerShell; a competent deep dive into its capabilities could be, and has become, the sole focus of many different blogs and YouTube channels. If you would like to build a solid foundation of PowerShell knowledge, I would suggest picking up Learn Windows PowerShell in a Month of Lunches, written by Don Jones and Jeffrey Hicks. This book has everything you need to know to get started and elicits near-religious reverence from PowerShell advocates of all skill levels.

What is TanREST

TanREST is a PowerShell module that allows administrators to collect data and take administrative action on a Tanium instance via the REST API functionality that is available on some modules. The access provided by these APIs makes it possible to approach Tanium with custom automation and workflows to develop functionality that may or may not ever be natively available within the product itself. In my mind, TanREST is to Tanium what Tanium is to the rest of the industry; a quantum leap in capability that will allow for extraordinary innovation to take place in our enterprises.

This module is available by request only as it is still in development and has quite a few sharp edges that the skilled employees of Tanium are sanding down. The version of TanREST that I currently have is months out of date but still has 229 distinct functions; I have no doubt that the current version has even more.

Why Should I Care

This is a fair question and one that I would be remiss to avoid addressing. Ultimately, my belief that you should care stems from the recognition that the industry is driving headlong into automation. Regardless of the buzzword du jour, the near-universal truth for professionals in IT is that we’re always going to be asked to do more with less, we’re always going to be asked to deliver results more quickly, and we’re always going to be expected to do so in reliable, predictable, and auditable ways.

For Tanium specifically, my favorite example of why this matters is the fact that my employer has hundreds of maintenance windows that are set relative to Patch Tuesday. Anyone who has manually configured even a dozen maintenance windows in Tanium understands that this is not something that you want to do manually. During our POC, I found that once was enough to make me never want to do it again. Performing such a monotonous task on such a high number of objects on a monthly basis is guaranteed to end poorly at some point and that is unacceptable given that this mechanism controls when the business’ services will be available.

The first thing I developed, which can be explored in greater detail in the Setting Tanium Maintenance Windows with TanREST – Part I and Setting Tanium Maintenance Windows with TanREST – Part II posts, was the ability to ingest all our maintenance window settings from a CSV, enforce them across both Patch and Deploy, and get a cleanly formatted email covering what had been done. While this functionality will inevitably be implemented in the product, that had not been done at the time and still has not been done, and we needed it prior to go-live for the Tanium platform. Developing a rough, functional form of this concept only took a week or so, and that was largely because I had no experience with APIs.
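
To make the CSV-driven approach concrete, here is an added example (not the author's script and not TanREST code) of two advanced functions that use the parameter validation described earlier to turn CSV rows into maintenance windows relative to Patch Tuesday. The function names, CSV columns and sample rows are hypothetical, and nothing here calls TanREST; the output objects are what a script would then apply and report on.

```powershell
# Added example: function names, CSV columns and rows are hypothetical/constructed.
function Get-PatchTuesday {
    [CmdletBinding()]
    param(
        [ValidateRange(1, 12)][int]$Month = (Get-Date).Month,
        [ValidateRange(2000, 2100)][int]$Year = (Get-Date).Year
    )
    # Patch Tuesday is the second Tuesday of the month.
    $first = [datetime]::new($Year, $Month, 1)
    $toTuesday = ([int][DayOfWeek]::Tuesday - [int]$first.DayOfWeek + 7) % 7
    $first.AddDays($toTuesday + 7)
}

function ConvertTo-MaintenanceWindow {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)][psobject]$Row,
        [Parameter(Mandatory)][datetime]$PatchTuesday
    )
    process {
        # Reject malformed rows rather than schedule a window at the wrong time.
        $offset = 0; $hours = 0; $start = [timespan]::Zero
        if (-not [int]::TryParse($Row.OffsetDays, [ref]$offset) -or $offset -lt 0 -or $offset -gt 27) {
            Write-Error "Row '$($Row.Name)': OffsetDays must be an integer from 0 to 27"; return
        }
        if (-not [timespan]::TryParse($Row.StartTime, [ref]$start) -or $start.Days -ne 0) {
            Write-Error "Row '$($Row.Name)': StartTime must be a time of day (HH:mm)"; return
        }
        if (-not [int]::TryParse($Row.DurationHours, [ref]$hours) -or $hours -lt 1 -or $hours -gt 24) {
            Write-Error "Row '$($Row.Name)': DurationHours must be an integer from 1 to 24"; return
        }
        $begin = $PatchTuesday.Date.AddDays($offset) + $start
        [pscustomobject]@{ Name = $Row.Name; Start = $begin; End = $begin.AddHours($hours) }
    }
}

# Constructed sample input; the third row is deliberately malformed.
$csv = @'
Name,OffsetDays,StartTime,DurationHours
Dev-Servers,1,22:00,4
Prod-Web,11,01:00,3
Bad-Row,soon,22:00,4
'@
$patchTuesday = Get-PatchTuesday -Month 7 -Year 2025
$csv | ConvertFrom-Csv | ConvertTo-MaintenanceWindow -PatchTuesday $patchTuesday
```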

That’s the beauty of TanREST and scripting in general in my mind; your ability to do $thisThing is only limited by your imagination and skill set rather than the timelines of internal development (assuming the developers even agree that the desired functionality is worthwhile to pursue).

That’s all I’ve got. Cry havoc and let slip the dogs of automation.