Deploying the Tanium Client to AIX endpoints

AIX links

The Tanium Client is installed as a system service. The Tanium Client files are installed by default in the /opt/Tanium/TaniumClient directory.

The installation process does not modify any host-based firewall that might be in use. Your network security team must ensure host and network firewalls are configured to allow inbound/outbound TCP traffic on port 17472.

You can use the Tanium Client Deployment Tool (CDT) to download the latest Tanium Client package file.

Install the Tanium Client

  1. Open the Tanium CDT and select Client > Check for Updates to download the latest set of installers.
  2. Go to the <CDT_installation_directory>\Tanium Client Deployment Tool\clients folder and copy the Tanium Client installer file (TaniumClient.<client_version>-<AIX_version>-powerpc.pkg) to a temporary location.
  3. Log into the target computer.
  4. Copy the package to a temporary location on the target computer.
  5. Execute the following command to install the package and generate a default configuration file.

    sudo installp -agqXYd ./TaniumClient.<client_version>-<AIX_version>-powerpc.pkg TaniumClient

  6. Configure basic Tanium Client settings (for details, see Tanium Client settings).
    ServerName Tanium Server FQDN or IP address.
    LogVerbosityLevel

    The following decimal values are best practices for specific use cases:

    • 0: Disable logging. This is the best practice value for clients installed on sensitive endpoints or virtual desktop infrastructure (VDI) endpoints.
    • 1: This is the best practice value during normal operation.
    • 41: This is the best practice value during troubleshooting.
    • 91 or higher: Enable the most detailed log levels for short periods of time only.
    ResolverThe default hostname resolver for Tanium is getent. Because AIX generally does not have the getent command, add the Resolver=nslookup setting.

    The steps to configure the settings depend on the Tanium Client version:

    • Tanium Client 6.0: Edit the /opt/Tanium/TaniumClient/TaniumClient.ini file. The following is an example of the file contents:
    • Resolver=nslookup
      Version=6.0.314.1437
      ServerName=ts1.example.com
      ServerPort=17472
      LogVerbosityLevel=1

    • Tanium Client 7.2: Issue the following CLI commands (for details, see Non-Windows). Version 7.2 does not require TaniumClient.ini.
      cmd-prompt>sudo ./TaniumClient config set ServerNameList ts1.example.com,ts2.example.com
      cmd-prompt>sudo ./TaniumClient config set LogVerbosityLevel 1
      cmd-prompt>sudo ./TaniumClient config set resolver nslookup				
  7. Copy the tanium.pub file from the Tanium Server installation directory to the /opt/Tanium/TaniumClient folder on the target computer.
  8. Start the TaniumClient daemon:

    /etc/rc.d/init.d/TaniumClient start

If you encounter issues when deploying the Tanium Client, examine the CDT debug logs (see Client Deployment Tool logs) and Tanium Client installation log (see Tanium Client installation log).

Manage the Tanium Client service on AIX

Manage the Tanium Client 6.0 service on AIX

The legacy rc.d start/stop scripts control the Tanium Client 6.0 service on AIX. You cannot use the startsrc command to control the Tanium Client.

To start the Tanium Client service:

/etc/rc.d/init.d/TaniumClient start

To stop the Tanium Client service:

/etc/rc.d/init.d/TaniumClient stop

Manage the Tanium Client 7.2 service on AIX

Tanium Client 7.2 on AIX uses the IBM AIX System Resource Controller (SRC) to manage the client service.

To start the Tanium Client service:

startsrc -s taniumclient

To stop the Tanium Client service:

stopsrc -s taniumclient

To verify that the Tanium Client service is available:

lssrc -s taniumclient

Uninstall the Tanium Client on AIX

To uninstall the Tanium Client on AIX:

installp -u TaniumClient

Last updated: 4/18/2019 8:15 AM | Feedback