Reference: Air gap support

Use the Airgap Operations menu to configure your Tanium™ deployment to access Tanium content in an air-gapped environment.

Air gap content is used in on-premises installations only.

Overview

In an ordinary Tanium deployment, the Tanium Server connects to content.tanium.com to read a manifest file that enumerates the solutions that can be imported into the deployment. This is the listing you see when you navigate to the Solutions page in the Tanium Console (see Tanium Console User Guide: Managing Tanium solutions). When a user performs the operation to import the solution, the solution imports from the remote location. In addition, a Tanium package might reference external files that exist on public sites or a local server.

In an air-gapped environment, the Tanium Server does not have access to the Internet. Content that is ordinarily downloaded from content.tanium.com and other Internet locations must be imported and maintained from an authorized and accessible local server.

To support customer deployments in air-gapped environments, the Tanium content build system generates air-gapped support versions of solution modules and content packs. The air-gapped versions replace references to content.tanium.com and other remote URLs with references to the local host.

In contrast to the ordinary deployment shown above, communication in an air-gapped environment is done on the Tanium Server host computer.

Types of air gap updates

Full updates

Tanium Server releases occur a few times per year. For each Tanium Server release, Tanium publishes an ISO archive (Windows) or RPM package (TanOS) that includes the air-gapped version of solution modules, production content packs, and lab content packs.

The ISO archive and RPM package do not contain the following solutions: Tanium™ Map, Tanium™ Integrity Monitor, Tanium™ Reveal, Tanium™ Protect, and Tanium™ Performance.

Individual updates

Tanium product releases occur weekly. Usually, a few solution modules or content packs are updated. If a solution module or content pack update is published, Tanium posts a ZIP file that contains the content XML and external files for the update.

Additional external files updates

External files for Tanium Comply, Tanium Patch, and Tanium Threat Response. External files used in some module deployments might require updates on a more frequent basis than the full or individual update releases.

When to perform an update

Customer lab

Install updates at the direction of Tanium Support. Updates in the lab are done to prepare for a rollout to production. Typically:

• Install full updates shortly after they are made available.
• Install individual updates for the solution modules and content that you support shortly after they are made available.
• Install additional external file updates regularly.

Make a habit of tracking weekly release announcements. Read the release notes to identify items included in the release that might improve the user experience and organizational objectives.

Customer production

Install updates only after you complete testing in the lab environment.

Install a full update

Before you begin

• Read the release notes for the content packs and modules included in the air gap RPM file. Make sure that you understand the changes introduced in every release in the path from your current release to the target release.
• Run a health check on each appliance in the environment to make sure each appliance is in a healthy state before you perform the update.

Download the RPM file

1. From a computer with internet access, download the air gap RPM file.
2. Copy the RPM file to a location that is available to the appliances.

Install the update

1. Use SFTP to copy the air gap installer file to the /incoming directory on the Tanium Server appliance. The file name provided by Tanium must be preserved.
2. Sign in to the TanOS console as a user with the tanadmin role.
3. Enter 2 to go to the Tanium Operations menu. View screen

   ------------------------------------------------------
   
                >>> Tanium Operations Menu <<< 
   
            1: Tanium Service Control
            2: Tanium Configuration Settings
            4: Install Custom SOAP Cert
            5: Manage Custom Signing Keys
            6: Download Public Key
            7: Download SOAP Certificate
            9: Import CAC Certificate
   
            A: Configure Module Server(s)
            B: Configure Tanium Cluster
            C: Manage Content
            M: Module Operations
   
            I: Import public key to Tanium Zone Server
   
            X: Advanced Operations
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

4. Enter C to go to the Manage Content menu. View screen

   ------------------------------------------------------
   
        >>> Tanium Operations -> Manage Content <<< 
   
   Manifest: Default
     https://content.tanium.com/files/initialcontent/74/manifest.xml
   Labs Manifest: Default
     https://content.tanium.com/files/initialcontent/74/labs_manifest.xml
   
            1: Install Airgap Content
            2: Airgap Usage Report
            3: Prune Airgap Content
            4: Manage Web Server Content
   
            A: Edit Airgap Options
            B: Set Manifest
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

5. Enter 1 to go to the Airgap Installer menu. View screen

   ------------------------------------------------------
   
       >>> Tanium Operations -> Airgap Installer <<< 
   
   This function is used to install a Tanium Airgap content package.
   
   Airgap files should be placed in the incoming directory using
   sftp tancopy. File names as provided by Tanium must be preserved.
   This installer supports both RPM and Zip Airgap content files.
   RPM content files are very large and will take several minutes to install.
   
     #  File name
     1: TaniumAirgap-7.4-3.1204.x86_64.rpm
   
   Please select file by line number (enter to exit):

6. Enter the line number of the file that you want to install.
7. Follow the prompts to install the air gap RPM file. View screen

   ------------------------------------------------------
   
       >>> Tanium Operations -> Airgap Installer <<< 
   
    This function is used to install a Tanium Airgap content package.
   
    Airgap files should be placed in the incoming directory using
    sftp tancopy. File names as provided by Tanium must be preserved.
    This installer supports both RPM and Zip Airgap content files.
    RPM content files are very large and will take several minutes to install.
   
    Continue with installation of TaniumAirgap-7.4-3.1204.x86_64.rpm ? [Yes|No]: yes
    Running airgap installer
    Validating file signature
   ################################# [100%]
   Updating / installing...
   ################################# [100%]
   
    Enter Console URI (minus protocol prefix): ts1.tam.local
   
    Console URI is: https://ts1.tam.local/content/manifest.xml
    Creating content signing key
    Pruning Airgap content
   Nothing to prune
   NO airgap content directory found
    Installing content
   
    Re-Apply Tanium Server ACLs
    Removing Airgap RPM
   
    Airgap installation complete
   
    Tanium Server Manifest URL changed to custom (https://ts1.tam.local/content/manifest.xml)
   
    Press enter to continue

8. Press Enter to return to the Manage Content menu.
9. When you install the air gap RPM file, TanOS changes the manifest URL to the URL for the air gap server IP address. You must change the setting for the labs manifest.
   1. Enter B to go to the Manifest URL Change menu. View screen

      ------------------------------------------------------
      
         >>> Tanium Operations -> Manifest URL Change <<< 
      
      Manifest change should be performed with the prior agreement of your TAM.
      
      Only modify the manifest if you intend to test non general releases of
      versions of Tanium Modules or content, or if you are using the airgap
      installer.
      
      Manifest: Custom
        https://ts1.tam.local/content/manifest.xml
      Labs Manifest: Default
        https://content.tanium.com/files/initialcontent/74/labs_manifest.xml
      
               1: Set Manifest To Default
               2: Set Labs Manifest To Default
               3: Set Manifest To Custom
               4: Set Labs Manifest To Custom
      
               H: Help
               R: Return to previous menu
      
      ------------------------------------------------------

   2. Enter 4 and follow the prompts to change the labs manifest URL to the value that populates by default. View screen

      ------------------------------------------------------
      
         >>> Tanium Operations -> Set custom lab Manifest <<< 
      
       The system requires a custom URL for the application to
       download the manifest file from. The URL should be
       pointing to the server where you have installed the 
       AirGap content.
      
       Please enter Your URL: https://ts1.tam.local/content
      
       The new location will be set to https://ts1.tam.local/content/labs.xml 
      
       Is this URL correct? [Yes|No]: yes

   For more information, see Change the air gap manifest URLs.

10. If you have a secondary Tanium Server, repeat the preceding steps to set up that appliance.
11. Import the content packs and modules.
    1. Sign in to the Tanium Console on the primary Tanium Server. Go to Administration > Configuration > Solutions and import the content packs and modules.
    2. (Tanium Server 7.4.2 and earlier) If you have a secondary Tanium Server, sign in to the Tanium Console on the secondary Tanium Server. Go to Administration > Configuration > Solutions and import the content packs and modules.

If you encounter errors importing content, check the trusted host list configuration on all Tanium Server and Tanium Module Server appliances to ensure the air gap server IP address is trusted. For more information, see Configure additional security.

Install an individual update

Before you begin

• Read the release notes for the content pack or module included in the air gap installer file. Make sure that you understand the changes introduced in every release in the path from your current release to the target release.
• Run a health check on each appliance in the environment to make sure each appliance is in a healthy state before you perform the update.

Download the update file

The installer supports both RPM and ZIP air gap files. The following instructions demonstrate an install with a ZIP file.

1. From a computer with internet access, download the air gap ZIP file.
2. Copy the file to a location that is available to the appliances.

Install the update

1. Use SFTP to copy the air gap ZIP file to the /incoming directory on the Tanium Server appliance.
2. Sign in to the TanOS console as a user with the tanadmin role.
3. Enter 2 to go to the Tanium Operations menu. View screen

   ------------------------------------------------------
   
                >>> Tanium Operations Menu <<< 
   
            1: Tanium Service Control
            2: Tanium Configuration Settings
            4: Install Custom SOAP Cert
            5: Manage Custom Signing Keys
            6: Download Public Key
            7: Download SOAP Certificate
            9: Import CAC Certificate
   
            A: Configure Module Server(s)
            B: Configure Tanium Cluster
            C: Manage Content
            M: Module Operations
   
            I: Import public key to Tanium Zone Server
   
            X: Advanced Operations
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

4. Enter C to go to the Manage Content menu. View screen

   ------------------------------------------------------
   
        >>> Tanium Operations -> Manage Content <<< 
   
   Manifest: Default
     https://content.tanium.com/files/initialcontent/74/manifest.xml
   Labs Manifest: Default
     https://content.tanium.com/files/initialcontent/74/labs_manifest.xml
   
            1: Install Airgap Content
            2: Airgap Usage Report
            3: Prune Airgap Content
            4: Manage Web Server Content
   
            A: Edit Airgap Options
            B: Set Manifest
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

5. Enter 1 to go to the Airgap Installer menu. View screen

   ------------------------------------------------------
   
       >>> Tanium Operations -> Airgap Installer <<< 
   
   This function is used to install a Tanium Airgap content package.
   
   Airgap files should be placed in the incoming directory using
   sftp tancopy. File names as provided by Tanium must be preserved.
   This installer supports both RPM and Zip Airgap content files.
   RPM content files are very large and will take several minutes to install.
   
     #  File name
     1: Airgapped-IC_Base-Installer.zip
   
   Please select file by line number (enter to exit):

6. Enter the line number of the file that you want to install.
7. Follow the prompts to install the air gap ZIP file, but do not press Enter after the install completes. View screen

    ------------------------------------------------------
   
        >>> Tanium Operations -> Airgap Installer <<< 
   
    This function is used to install a Tanium Airgap content package.
   
    Airgap files should be placed in the incoming directory using
    sftp tancopy. File names as provided by Tanium must be preserved.
    This installer supports both RPM and Zip Airgap content files.
    RPM content files are very large and will take several minutes to install.
   
      #  File name
      1: Airgapped-IC_Base-Installer.zip
   
   Please select file by line number (enter to exit): 1
   
    Continue with installation of Airgapped-IC_Base-Installer.zip ? [Yes|No]: yes
    Running airgap installer
    Validating file signature
   
    Airgap installer script completed.
   
    The XML file for install of the Airgap content can be downloaded
    from the following URL
        https://ts1.tam.local:8443/content/IC_Base/2020-06-24_10-38-36_8.0.2.0004/IC_Base.xml
   
    Re-Apply Tanium Server ACLs
    Removing Airgap installer files
   
    Airgap installation complete
   
    Press enter to continue

8. Copy the URL that appears for the XML file.
9. Press Enter to go to the Manage Content menu.
10. Download the XML file to your local computer. For example, you can open the URL in a web browser and save the file to your computer. Depending on your configuration, you might need to change the FQDN of the server to the IP address.
11. Use keyutility.exe to generate a cryptographic key pair and use it to sign the XML file. For more information, see Enable import of user-created content. View screen

    C:\Tanium\KeyUtility.exe signcontent TaniumLab.pvk IC_Base.xml
    Signature Created.
    
    C:\Tanium>

12. Import the content into Tanium:
    1. Sign in to the Tanium Console on the primary Tanium Server.
    2. From the Main menu, select Administration > Content > Content Alignment page.
    3. In the upper right, click Import Content.
    4. Click Choose File, select the XML file, and click Open.
    5. Click Import.
    6. Review the content to import. In most cases, when you import Tanium-produced content, select the options to merge the categories configuration and to overwrite all of the other configurations, including the designated content set.
    7. Click Import. If prompted, enter your credentials and click OK.
    8. Review the messages to make sure the import completes successfully, and then click Close.
13. (Tanium Server 7.4.2 and earlier) If you have a secondary Tanium Server, repeat the preceding steps to install the update to that appliance.

If you encounter errors importing content, check the trusted host list configuration on all Tanium Server and Tanium Module Server appliances to ensure the air gap server IP address is trusted. For more information, see Edit TDownloader settings.

Update the Tanium Comply engine packages

In an ordinary environment, Tanium Comply automatically connects to content.tanium.com to download updates for key components used in endpoint scans. In an air-gapped environment, you must update these components manually through the Tanium Console. For complete instructions, see Tanium Comply User Guide: Configure Comply for an air-gapped environment.

Update Tanium Patch files

When your Tanium Server is in an air-gapped environment, the server cannot download patches from the internet. You must configure Patch to install patches from an alternate file location in the Patch settings for Windows endpoints.

To update Tanium Patch files, follow the steps in Tanium Patch User Guide: Downloading patches in an air-gapped environment, but perform the following steps after you download the remote package files:

1. Rename the ZIP file to content-results.zip and copy to a location that is available to the Tanium Server appliance.
2. Use SFTP to copy the ZIP file to the /incoming directory on the Tanium Server appliance.
3. Sign in to the TanOS console as a user with the tanadmin role.
4. Enter 2 to go to the Tanium Operations menu.
5. Enter C to go to the Manage Content menu.
6. Enter 4 to go to the Manage Web Server Content menu.
7. Enter 1 to go to the Tanium Web Server Content Installer menu and follow the prompts to install the content-results.zip file.
8. Verify the configuration as instructed in the Patch documentation.

Install or update Tanium Threat Response Signals

In an ordinary environment, Tanium Threat Response automatically connects to content.tanium.com to download updates for Tanium Signals. In an air-gapped environment, you must update the Tanium Signals files manually.

Download the Tanium Signals file

1. From a computer with internet access, go to the content download URL and download the DetectSignalsV3.zip file.
2. Use a ZIP program to add another ZIP layer. The extra layer is required to import the ZIP file to the Tanium Server appliance. For example:
   1. Go to Administration > Content > Packages, search for Distribute Tanium Standard Utilities, and download 7za.exe.
   2. Create an archive named content-DetectSignalV3.zip that includes the file DetectSignalsV3.zip.

      cmd> 7za a content-DetectSignalsV3.zip DetectSignalsV3.zip
      7-Zip (a) 18.05 (x86) : Copyright (c) 1999-2018 Igor Pavlov : 2018-04-30
      
      Scanning the drive:
      1 file, 13644 bytes (14 KiB)
      Creating archive: content-DetectSignalsV3.zip
      
      Add new data to archive: 1 file, 13644 bytes (14 KiB)
      
      Files read from disk: 1
      Archive size: 13735 bytes (14 KiB)
      
      Everything is Ok

      The file must be named content-DetectSignalsV3.zip. TanOS expects the prefix content-.

   3. Copy the file to a location that is available to the Tanium Server appliance.

Install or update the Tanium Signals file

1. Install the content on the Tanium Server appliance:
   1. Use SFTP to copy the Tanium Signals ZIP file to the /incoming directory on the Tanium Server appliance.
   2. Sign in to the TanOS console as a user with the tanadmin role.
   3. Enter 2 to go to the Tanium Operations menu.
   4. Enter C to go to the Manage Content menu.
   5. Enter 4 to go to the Manage Web Server Content menu.
   6. Enter 1 to go to the Tanium Web Server Content Installer menu and follow the prompts to install the Tanium Signals ZIP file.
2. Specify the location on the appliance for the Tanium Signal's manifest URL setting.
   1. In a web browser, sign in to the Tanium Console, and go to Modules > Threat Response.
   2. From the Threat Response menu, go to Intel > Sources.
   3. Edit the Tanium Signals source. If the source does not exist, click New Source and complete the configuration.
   4. For the manifest URL, specify the URL for the zip file that you installed in the previous steps. The URL has the following form: https://<TS FQDN>/content/files/DetectSignalsV3.zip. The file name of the zip file is case sensitive.
   5. Save the configuration.
   6. From the Sources page in Threat Response, make sure the Intel Count populates with items in the Tanium Signals row.

View air gap usage report

1. Sign in to the TanOS console as a user with the tanadmin role.
2. Enter 2 to go to the Tanium Operations menu. View screen

   ------------------------------------------------------
   
                >>> Tanium Operations Menu <<< 
   
            1: Tanium Service Control
            2: Tanium Configuration Settings
            4: Install Custom SOAP Cert
            5: Manage Custom Signing Keys
            6: Download Public Key
            7: Download SOAP Certificate
            9: Import CAC Certificate
   
            A: Configure Module Server(s)
            B: Configure Tanium Cluster
            C: Manage Content
            M: Module Operations
   
            I: Import public key to Tanium Zone Server
   
            X: Advanced Operations
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

3. Enter C to go to the Manage Content menu. View screen

   ------------------------------------------------------
   
        >>> Tanium Operations -> Manage Content <<< 
   
   Manifest: Default
     https://content.tanium.com/files/initialcontent/74/manifest.xml
   Labs Manifest: Default
     https://content.tanium.com/files/initialcontent/74/labs_manifest.xml
   
            1: Install Airgap Content
            2: Airgap Usage Report
            3: Prune Airgap Content
            4: Manage Web Server Content
   
            A: Edit Airgap Options
            B: Set Manifest
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

4. Enter 2 to go to the Airgap Content Usage report. View screen

   ------------------------------------------------------
   
     >>> Tanium Operations -> Airgap Content Usage <<< 
   
      UsedKB Solution                  Solution_ID            Sol_Vers Action
      ====== ========                  ===========            ======== ======
     149068K Connect                   99-200-0008         4.11.1.0008 Delete
   
   Delete will prune 150M bytes from 1 solutions
   Delete will preserve 0 bytes from 0 solutions
   
    Press enter to continue

Prune air gap content

1. Sign in to the TanOS console as a user with the tanadmin role.
2. Enter 2 to go to the Tanium Operations menu. View screen

   ------------------------------------------------------
   
                >>> Tanium Operations Menu <<< 
   
            1: Tanium Service Control
            2: Tanium Configuration Settings
            4: Install Custom SOAP Cert
            5: Manage Custom Signing Keys
            6: Download Public Key
            7: Download SOAP Certificate
            9: Import CAC Certificate
   
            A: Configure Module Server(s)
            B: Configure Tanium Cluster
            C: Manage Content
            M: Module Operations
   
            I: Import public key to Tanium Zone Server
   
            X: Advanced Operations
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

3. Enter C to go to the Manage Content menu. View screen

   ------------------------------------------------------
   
        >>> Tanium Operations -> Manage Content <<< 
   
   Manifest: Default
     https://content.tanium.com/files/initialcontent/74/manifest.xml
   Labs Manifest: Default
     https://content.tanium.com/files/initialcontent/74/labs_manifest.xml
   
            1: Install Airgap Content
            2: Airgap Usage Report
            3: Prune Airgap Content
            4: Manage Web Server Content
   
            A: Edit Airgap Options
            B: Set Manifest
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

4. Enter 3 to go to the Prune Airgap Content menu. View screen

   ------------------------------------------------------
   
     >>> Tanium Operations -> Prune Airgap Content <<< 
   
   Pruning Airgap content will delete all of the unused content.
   Unused content is content that has not been imported and 
   solutions that were upgraded to later versions.
   
   Would you like to continue with purging Airgap content ? [Yes|No]:

5. Follow the prompts to prune the air gap content.

Manage web server content

TanOS has menus to support installation and management of air-gapped web server content.

Before you begin

Use SFTP to copy the air gap content files to the /incoming directory on the appliance. The file names must be in the content-*.zip format. The web content installs to the <Tanium Server>/http/content/files directory.

Install content

1. Sign in to the TanOS console as a user with the tanadmin role.
2. Enter 2 to go to the Tanium Operations menu. View screen

   ------------------------------------------------------
   
                >>> Tanium Operations Menu <<< 
   
            1: Tanium Service Control
            2: Tanium Configuration Settings
            4: Install Custom SOAP Cert
            5: Manage Custom Signing Keys
            6: Download Public Key
            7: Download SOAP Certificate
            9: Import CAC Certificate
   
            A: Configure Module Server(s)
            B: Configure Tanium Cluster
            C: Manage Content
            M: Module Operations
   
            I: Import public key to Tanium Zone Server
   
            X: Advanced Operations
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

3. Enter C to go to the Manage Content menu. View screen

   ------------------------------------------------------
   
        >>> Tanium Operations -> Manage Content <<< 
   
   Manifest: Default
     https://content.tanium.com/files/initialcontent/74/manifest.xml
   Labs Manifest: Default
     https://content.tanium.com/files/initialcontent/74/labs_manifest.xml
   
            1: Install Airgap Content
            2: Airgap Usage Report
            3: Prune Airgap Content
            4: Manage Web Server Content
   
            A: Edit Airgap Options
            B: Set Manifest
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

4. Enter 4 to go to the Manage Web Server Content menu. View screen

   ------------------------------------------------------
   
   >>> Tanium Operations -> Manage Web Server Content <<< 
   
            1: Install Content
            2: Delete Content by Name (File/Directory)
            3: List/Delete Content
   
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

5. Enter 1 to go to the Tanium Web Server Content Installer menu. View screen

   ------------------------------------------------------
   
   >>> Tanium Operations -> Tanium Web Server Content Installer <<< 
   
    This function is used to install Tanium Web Server content.
   
    Content files should be placed in the incoming directory using
    sftp tancopy. Content files must be zipped and prefixed with 
    content-*.zip.
   
      #  File name
      1: content-IC_AD-Installer.zip
   
   [ Please select file by line number (enter to exit): 1
   [ Continue with installation of content-IC_AD_Installer.zip ? [Yes|No]: yes
    Installing content
    Extracting content to /opt/Tanium/TaniumServer/http/content/files
   
    Content file installation completed.
   
    Press enter to continue

6. Follow the prompts to install the content.

Delete content by name

1. Sign in to the TanOS console as a user with the tanadmin role.
2. Enter 2 to go to the Tanium Operations menu. View screen

   ------------------------------------------------------
   
                >>> Tanium Operations Menu <<< 
   
            1: Tanium Service Control
            2: Tanium Configuration Settings
            4: Install Custom SOAP Cert
            5: Manage Custom Signing Keys
            6: Download Public Key
            7: Download SOAP Certificate
            9: Import CAC Certificate
   
            A: Configure Module Server(s)
            B: Configure Tanium Cluster
            C: Manage Content
            M: Module Operations
   
            I: Import public key to Tanium Zone Server
   
            X: Advanced Operations
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

3. Enter C to go to the Manage Content menu. View screen

   ------------------------------------------------------
   
        >>> Tanium Operations -> Manage Content <<< 
   
   Manifest: Default
     https://content.tanium.com/files/initialcontent/74/manifest.xml
   Labs Manifest: Default
     https://content.tanium.com/files/initialcontent/74/labs_manifest.xml
   
            1: Install Airgap Content
            2: Airgap Usage Report
            3: Prune Airgap Content
            4: Manage Web Server Content
   
            A: Edit Airgap Options
            B: Set Manifest
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

4. Enter 4 to go to the Manage Web Server Content menu. View screen

   ------------------------------------------------------
   
   >>> Tanium Operations -> Manage Web Server Content <<< 
   
            1: Install Content
            2: Delete Content by Name (File/Directory)
            3: List/Delete Content
   
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

5. Enter 2 and follow the prompts to delete the content.

Delete content by list

1. Sign in to the TanOS console as a user with the tanadmin role.
2. Enter 2 to go to the Tanium Operations menu. View screen

   ------------------------------------------------------
   
                >>> Tanium Operations Menu <<< 
   
            1: Tanium Service Control
            2: Tanium Configuration Settings
            4: Install Custom SOAP Cert
            5: Manage Custom Signing Keys
            6: Download Public Key
            7: Download SOAP Certificate
            9: Import CAC Certificate
   
            A: Configure Module Server(s)
            B: Configure Tanium Cluster
            C: Manage Content
            M: Module Operations
   
            I: Import public key to Tanium Zone Server
   
            X: Advanced Operations
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

3. Enter C to go to the Manage Content menu. View screen

   ------------------------------------------------------
   
        >>> Tanium Operations -> Manage Content <<< 
   
   Manifest: Default
     https://content.tanium.com/files/initialcontent/74/manifest.xml
   Labs Manifest: Default
     https://content.tanium.com/files/initialcontent/74/labs_manifest.xml
   
            1: Install Airgap Content
            2: Airgap Usage Report
            3: Prune Airgap Content
            4: Manage Web Server Content
   
            A: Edit Airgap Options
            B: Set Manifest
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

4. Enter 4 to go to the Manage Web Server Content menu. View screen

   ------------------------------------------------------
   
   >>> Tanium Operations -> Manage Web Server Content <<< 
   
            1: Install Content
            2: Delete Content by Name (File/Directory)
            3: List/Delete Content
   
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

5. Enter 3 and follow the prompts to delete the content.

Edit air gap options

1. Sign in to the TanOS console as a user with the tanadmin role.
2. Enter 2 to go to the Tanium Operations menu. View screen

   ------------------------------------------------------
   
                >>> Tanium Operations Menu <<< 
   
            1: Tanium Service Control
            2: Tanium Configuration Settings
            4: Install Custom SOAP Cert
            5: Manage Custom Signing Keys
            6: Download Public Key
            7: Download SOAP Certificate
            9: Import CAC Certificate
   
            A: Configure Module Server(s)
            B: Configure Tanium Cluster
            C: Manage Content
            M: Module Operations
   
            I: Import public key to Tanium Zone Server
   
            X: Advanced Operations
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

3. Enter C to go to the Manage Content menu. View screen

   ------------------------------------------------------
   
        >>> Tanium Operations -> Manage Content <<< 
   
   Manifest: Default
     https://content.tanium.com/files/initialcontent/74/manifest.xml
   Labs Manifest: Default
     https://content.tanium.com/files/initialcontent/74/labs_manifest.xml
   
            1: Install Airgap Content
            2: Airgap Usage Report
            3: Prune Airgap Content
            4: Manage Web Server Content
   
            A: Edit Airgap Options
            B: Set Manifest
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

4. Enter A to edit the air gap options. View screen

   >>> Tanium TanOS -> Tools -> Edit Files -> airgap.ini <<< 
   
             #: Line Content
   
             1: [General]
             2: root_uri = https://appliance-156.tam.local/content
             3: destination_path = /opt/Tanium/TaniumServer/http/content
             4: license_path = /opt/Tanium/TaniumServer/tanium.license
             5: key_util_path = /opt/Tanium/TaniumServer/TaniumKeyUtility
             6: key_path = /opt/Tanium/TaniumServer/contentsigning.pvk
             7: manifest_file = manifest.xml
             8: lab_manifest_file = labs.xml
             9: [hsm]
   
             A: Add a line
   
             R: Return to previous menu
   
    -------------------------------------------------------

5. Use the menu to edit the configuration.

Change the air gap manifest URLs

The manifest and lab manifest refer to the URL the Tanium Console uses to locate solution modules and content packs available for download and use. The default locations point to content.tanium.com. In an air-gapped deployment, the manifest URLs are different. Use the TanOS menu to change them to the air gap content location.

1. Sign in to the TanOS console as a user with the tanadmin role.
2. Enter 2 to go to the Tanium Operations menu. View screen

   ------------------------------------------------------
   
                >>> Tanium Operations Menu <<< 
   
            1: Tanium Service Control
            2: Tanium Configuration Settings
            4: Install Custom SOAP Cert
            5: Manage Custom Signing Keys
            6: Download Public Key
            7: Download SOAP Certificate
            9: Import CAC Certificate
   
            A: Configure Module Server(s)
            B: Configure Tanium Cluster
            C: Manage Content
            M: Module Operations
   
            I: Import public key to Tanium Zone Server
   
            X: Advanced Operations
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

3. Enter C to go to the Manage Content menu. View screen

   ------------------------------------------------------
   
        >>> Tanium Operations -> Manage Content <<< 
   
   Manifest: Default
     https://content.tanium.com/files/initialcontent/74/manifest.xml
   Labs Manifest: Default
     https://content.tanium.com/files/initialcontent/74/labs_manifest.xml
   
            1: Install Airgap Content
            2: Airgap Usage Report
            3: Prune Airgap Content
            4: Manage Web Server Content
   
            A: Edit Airgap Options
            B: Set Manifest
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

4. Enter B to go to the Manifest URL Change menu. View screen

   ------------------------------------------------------
   
      >>> Tanium Operations -> Manifest URL Change <<< 
   
   Manifest change should be performed with the prior agreement of your TAM.
   
   Only modify the manifest if you intend to test non general releases of
   versions of Tanium Modules or content, or if you are using the airgap
   installer.
   
   Manifest: Default
     https://content.tanium.com/files/initialcontent/73/manifest.xml
   Labs Manifest: Default
     https://content.tanium.com/files/initialcontent/73/labs_manifest.xml
   
            1: Set Manifest To Default
            2: Set Labs Manifest To Default
            3: Set Manifest To Custom
            4: Set Labs Manifest To Custom
   
            H: Help
            R: Return to previous menu
   
   ------------------------------------------------------

5. Use the menu to change the manifest URL.