Deploying the Tanium Client to AIX endpoints

AIX links

The Taniumâ„¢ Client is installed as a system service. The Tanium Client files are installed by default in the /opt/Tanium/TaniumClient directory.

The installation process does not modify any host-based firewall that might be in use. Your network security team must ensure host and network firewalls are configured to allow inbound/outbound TCP traffic on port 17472.

You can use the Tanium CDT to download the latest client package file.

Install the Tanium Client

  1. Open the Tanium CDT and select Client > Check for Updates to download the latest set of installers.
  2. Go to the <install>\Tanium Client Deployment Tool\clients folder and copy the TaniumClient.6.0.314.1437-AIX6.1-powerpc.pkg file to a temporary location.
  3. Log into the target computer.
  4. Copy the package to a temporary location on the target computer.
  5. Execute the following command to install the package and generate a default configuration file:

    sudo installp -agqXYd ./TaniumClient.6.0.314.1437-AIX6.1-powerpc.pkg TaniumClient

  6. Go to /opt/Tanium/TaniumClient/ and edit the TaniumClient.ini file. Make the following changes.

  7. ServerName Tanium Server FQDN or IP address.
    LogVerbosityLevel

    The following decimal values are best practices for specific use cases:

    • 0: Disable logging. This is the best practice value for clients installed on sensitive endpoints or virtual desktop infrastructure (VDI) endpoints.
    • 1: This is the best practice value during normal operation.
    • 41: This is the best practice value during troubleshooting.
    • 91 or higher: Enable the most detailed log levels for short periods of time only.
    Resolver The default hostname resolver for Tanium is getent. AIX generally does not have the getent command, add the Resolver=nslookup setting.

    The following is an example TaniumClient.ini file:

    Resolver=nslookup
    Version=6.0.314.1437
    ServerName=ts1.example.com
    ServerPort=17472
    LogVerbosityLevel=1

    See Troubleshooting for a description of common settings.

  8. Copy the tanium.pub file from the Tanium Server installation directory to /opt/Tanium/TaniumClient.
  9. Start the TaniumClient daemon:

    /etc/rc.d/init.d/TaniumClient start

If you encounter issues when deploying the Tanium Client, examine the CDT debug logs (see Client Deployment Tool logs) and Tanium Client installation log (see Tanium Client installation log).

Manage the Tanium Client AIX service

On AIX, the Tanium Client is controlled by the legacy rc.d start/stop scripts. You cannot use the startsrc command to control the Tanium Client.

To start:

/etc/rc.d/init.d/TaniumClient start

To stop:

/etc/rc.d/init.d/TaniumClient stop

Uninstall

To uninstall:

installp -u TaniumClient

Last updated: 12/6/2018 1:07 PM | Feedback