Tableau Lineage Scanner
Scanned and supported objects
Support version
The scanner supports only Tableau Cloud and therefore the current version (Tableau 2023.3).
Resources scanned
-
Site - Name, ID.
-
Project - Name, ID.
-
Workbooks - Name, ID, URI.
-
Data source - Name, ID, container name, description. Includes embedded and published data sources.
-
Fields - Name, ID, qualified name, description. Includes fields directly defined within the sheet and those beloging to another entity.
-
Calculated fields - Formula, list of fields that it is derived from.
-
Column fields - Fully qualified name, list of database columns the field is mapped to.
-
-
-
Sheets - Name, ID, path. Includes fields referenced on the sheet.
-
Dashboard - Name, ID. Includes fields referenced on the dashboard and lineage between the dashboard and sheets referenced from it. For each column field in a workbook, information about the database, tables, and columns they are mapped to is also retrieved.
-
Databases - Name, ID, connection type.
-
Tables - Name, ID, connection type.
-
Columns - Name, ID.
-
-
-
CustomSQLTable - Name, ID, query.
-
Supported connectivity
Connector type: REST API + Metadata API (GraphQL)
Authentication method: Username and Personal Access Token (PAT)
Server side permission settings
In Tableau, the following permissions must be configured for the user you’ll be authenticating with:
-
You need to have permission to call the Tableau Metadata API. For details, see the official Tableauu documentation: Tableau Meta API permission.
-
You need at minimum a Viewer role assigned, but keep in mind this can result in an incomplete scan. Ideally, the assigned role should be Administrator or Explorer instead.
-
You can only retrieve assets (such as projects, workbooks, data sources) if you have View capabilities or higher assigned on them. For details, see the official Tableauu documentation: View capabilities.
-
You have a valid Personal Access Token or you have set up a Connected App.
Scanner configuration
All fields marked with an asterisk (*) are mandatory.
| Property | Description |
|---|---|
|
Unique name for the scanner job. |
|
Specifies the source type to be scanned.
Must contain |
|
A human-readable description of the scan. |
|
List of Ataccama ONE connection names for future automatic pairing. |
|
Tableau Cloud admin (REST) API URL.
|
|
Name of the site you want to scan. |
|
Tableau service account token. For instructions about how to create tokens, see the official Tableau documentation: Service Account Tokens and Personal Access Tokens. |
|
Name of the access token. |
|
Path where the sign-in REST request is performed. To learn more, see the official Tableau documentation: Signing In and Signing Out (Authentication). |
|
Version of API to perform REST and GraphQL calls. To learn more, the official Tableau documentation: Fundamentals of the Tableau Server REST API. |
|
URL to send REST calls to. To learn more, the official Tableau documentation: Fundamentals of the Tableau Server REST API. |
|
List of projects that you want to scan. |
{
"scannerConfigs":[
{
"name":"TableauJobAta1",
"sourceType":"TABLEAU",
"description":"Scan Tableau platform",
"oneConnections":[
"Tableau connection",
"Other Tableau connection"
],
"inputDataCatalogFilePath":null,
"url":"prod-useast-b.online.tableau.com/",
"site":"asite",
"apiUrl":"api/3.21/",
"signUrl":"auth/signin",
"requestUrl":"relationship-service-war/graphql",
"tokenName":"@@ref:ata:[TABLEAU_TOKEN_NAME]",
"accessToken":"@@ref:ata:[TABLEAU_ACCESS_TOKEN]"
}
]
}FAQ
-
How long does it take to scan lineage from Tableau Cloud containing 50 workbooks?
If you are using GraphQL to scan, it should take about 40 minutes.
Was this page useful?