AIX links

Deploying the Tanium Client to AIX endpoints

On AIX endpoints, the Tanium Client is installed as a system service. The default installation directory for Tanium Client files is /opt/Tanium/TaniumClient. The following procedures describe how to use the endpoint CLI to install the Tanium Client. For details on using the CLI, see CLI on Non-Windows endpoints.

Before you begin

  • The installation process does not modify any host-based firewall that might be in use. Your network security team must ensure host and network firewalls are configured to allow inbound and outbound TCP traffic on port 17472.
  • Endpoints running AIX 6.1 or 7.1 must have the xlC.rte bundle installed. Tanium Client 6.0 requires xlC.rte 12.1.0.1 or later, and Tanium Client 7.2 or later requires xlC.rte 13.1.3.1 or later. To determine the version of the currently installed package, access the operating system CLI on the endpoint and run lslpp -l xlC\.*

    If the bundle is already installed, skip to Install the Tanium Client on AIX. Otherwise, perform the steps under Install xlC.rte.

  • Ask your Technical Account Manager (TAM) for the Tanium Client installer file (TaniumClient-<client_version>-powerpc.pkg).

Install xlC.rte

Perform the following steps on each endpoint that runs AIX 6.1 or 7.1 but does not have the required xlC.rte runtime bundle installed:

  1. Obtain the appropriate xlC.rte bundle for your system from IBM Fix Central.
  2. Upload the xlC.rte bundle to your endpoint.
  3. Extract, unzip, or untar the bundle to the /usr/sys/inst.images directory.
  4. Run the following command to install the bundle:

    sudo installp -aXYgd /usr/sys/inst.images -e /tmp/install.log all

  5. Review the installation log /tmp/install.log for any errors.

Install the Tanium Client on AIX

  1. Get the Tanium Client installer file (TaniumClient-<client_version>-powerpc.pkg) from your TAM.
  2. Log into the target computer.
  3. Copy the Tanium Client installer file to a temporary location on the target computer.
  4. Execute the following command to install the package and generate a default configuration file.

    sudo installp -agqXYd ./TaniumClient-<client_version>-powerpc.pkg TaniumClient

  5. Configure basic Tanium Client settings (for details, see Tanium Client settings).
    ServerName or ServerNameList In a deployment with a standalone Tanium Server, set the ServerName to the server FQDN or IP address. In a high availability (HA) deployment, set the ServerNameList to the FQDN or IP address of each Tanium Server, separated with a comma. In a deployment with Tanium Zone Servers, add the Zone Server FQDNs or IP addresses to the ServerNameList.
    LogVerbosityLevel

    The following decimal values are best practices for specific use cases:

    • 0: Disable logging. This is the best practice value for clients installed on sensitive endpoints or virtual desktop infrastructure (VDI) endpoints.
    • 1 (default): This is the best practice value during normal operation.
    • 41: This is the best practice value during troubleshooting.
    • 91 or higher: Enable the most detailed log levels for short periods of time only.
    ResolverThe default hostname resolver for Tanium is getent. Because AIX generally does not have the getent command, add the Resolver=nslookup setting.
    Version(Tanium Client 6.0 only) The Tanium Client version number.

    The steps to configure the settings depend on the Tanium Client version:

    • Tanium Client 6.0: Edit the /opt/Tanium/TaniumClient/TaniumClient.ini file. The following is an example of the file contents:

      • Resolver=nslookup
      Version=6.0.314.1437
      ServerName=ts1.example.com
      ServerPort=17472
      LogVerbosityLevel=1

    • Tanium Client 7.2 or later: Use the CLI to configure the settings. Version 7.2 or later does not require TaniumClient.ini. The following example commands are for a deployment with HA Tanium Servers and Zone Servers.

      cd <Tanium Client>
      sudo ./TaniumClient config set ServerNameList ts1.example.com,ts2.example.com,zs1.example.com,zs2.example.com
      sudo ./TaniumClient config set LogVerbosityLevel 1
      sudo ./TaniumClient config set resolver nslookup

  6. Copy the tanium-init.dat file (Tanium Client 7.4 or later) or tanium.pub file (Tanium Client 7.2 or earlier) from the Tanium Server to the Tanium Client installation folder on the AIX endpoint. For details, see Tanium Console User Guide: Download infrastructure configuration files (keys).
  7. Start the Tanium Client service:
    • Tanium Client 6.0/etc/rc.d/init.d/TaniumClient start
    • Tanium Client 7.2 or laterstartsrc -s taniumclient

    Before proceeding, Wait a few minutes for the Tanium Client to register.

  8. From the Main menu, select Console > Administration > System Status to verify that the client installed correctly and can communicate with the Tanium Server. If the installation and registration succeeded, the client appears in the grid.

    To find a specific Tanium Client, enter a text string in the Show Rows Containing field above the grid to filter it by Host Name or IP address.


Manage the Tanium Client service on AIX

Manage the Tanium Client 6.0 service

The legacy rc.d start and stop scripts control the Tanium Client 6.0 service on AIX. You cannot use the startsrc command to control the Tanium Client.

To start the Tanium Client service:

/etc/rc.d/init.d/TaniumClient start

To stop the Tanium Client service:

/etc/rc.d/init.d/TaniumClient stop

Manage the Tanium Client 7.2 or later service

Tanium Client 7.2 or later on AIX uses the IBM AIX System Resource Controller (SRC) to manage the client service.

To start the Tanium Client service:

startsrc -s taniumclient

To stop the Tanium Client service:

stopsrc -s taniumclient

To verify that the Tanium Client service is available:

lssrc -s taniumclient

Uninstall the Tanium Client on AIX

To uninstall the Tanium Client on AIX:

installp -u TaniumClient