Linux links

Deploying the Tanium Client to Linux endpoints

On Linux endpoints, the Tanium Client is installed as a system service. The default installation directory for Tanium Client files is /opt/Tanium/TaniumClient.

Linux firewall rules

The installation process does not modify any host-based firewall that might be in use. Your network security team must ensure host and network firewalls are configured to allow inbound and outbound TCP traffic on port 17472. In the following subsections, the listed commands for managing Linux firewalls are samples based on default distributions of Linux.

Amazon Linux

By default, the iptables utility (used to manage the firewall) is not configured on Amazon Linux AMI (2016.09, 2017.09, 2018.3) or Amazon Linux 2 LTS (2017.12). To add, remove, remove, deny or view the status of port 17472, check your Amazon Web Services (AWS) security group instead.

Debian

By default, the iptables utility (used to manage the firewall) is not configured on Debian 6.x, 7.x, 8.x, or 9.x. To add, remove, remove, deny or view the status of port 17472, check your Amazon Web Services (AWS) security group instead.

CentOS, Oracle Enterprise Linux, Red Hat Linux

Versions 5.x and 6.x

The following table lists the commands for managing firewall rules for versions 5.x and 6.x of CentOS, Oracle Enterprise Linux, and Red Hat Linux:

Table 1:   Firewall commands for CentOS, Oracle Enterprise Linux, Red Hat Linux 5.x and 6.x
Tasks Commands
Check the firewall status iptables -L -n --line-numbers | egrep -i "^Chain|REJECT *all"

The firewall is enabled when a REJECT *all rule is present.

View port 17472 status sudo iptables -L -n | grep 17472
Add or allow port 17472 The iptables command is for IPv4. For IPv6, use the ip6tables command.
  1. Check the firewall status.

    iptables -L -n --line-numbers | egrep -i "^Chain|REJECT *all"

  2. For each <chain_name> with a REJECT all rule, run the following command, where <line> is the line number of the rule.

    sudo iptables -I <chain_name> <line> -p tcp -m state --state NEW --dport 17472 -j ACCEPT

    For example, if the chain is RH-Firewall-1-INPUT and the REJECT all rule is on line 10, run:

    iptables -I RH-Firewall-1-INPUT 10 -p tcp -m state --state NEW --dport 17472 -j ACCEPT

  3. Save your changes and restart the iptables service.

    sudo service iptables save

    sudo service iptables restart

Remove or deny port 17472 The iptables command is for IPv4. For IPv6, use the ip6tables command.
  1. List the chains.

    sudo iptables -L -n | egrep -i "^Chain|17472"

  2. For each <chain_name>, run:

    sudo iptables -D <chain_name> -p tcp -m state --state NEW --dport 17472 -j ACCEPT

  3. Save your changes and restart the iptables service.

    sudo service iptables save

    sudo service iptables restart

Version 7.x and 8.x

The following table lists the commands for managing firewall rules for versions 7.x and 8.x of CentOS, Oracle Enterprise Linux, or Red Hat Linux:

Table 2:   Firewall commands for CentOS, Oracle Enterprise Linux, Red Hat Linux 7.x and 8.x
Tasks Commands
View port 17472 status sudo firewall-cmd --list-all-zones | grep 17472
Add or allow port 17472
  1. List the zones.

    sudo firewall-cmd --list-all-zones

  2. For each relevant <zone_name> (such as default and where ssh is present), run:

    sudo firewall-cmd --permanent --zone=<zone_name> --add-port=17472/tcp

  3. Restart the firewall.

    sudo systemctl restart firewalld

Remove or deny port 17472
  1. List the zones.

    sudo firewall-cmd --list-all-zones

  2. For each relevant <zone_name> where port 17472 is present, run:

    sudo firewall-cmd --permanent --zone=<zone_name> --remove-port=17472/tcp

  3. Restart the firewall.

    sudo systemctl restart firewalld

OpenSUSE and SLES

Version 15.x

The following table lists the commands for managing firewall rules for versions 15.x of OpenSUSE and SUSE Linux Enterprise Server (SLES):

Table 3:   Firewall commands for OpenSUSE and SLES 15.x
Tasks Commands
View port 17472 status sudo firewall-cmd --list-all-zones | grep 17472
Add or allow port 17472
  1. List the zones.

    sudo firewall-cmd --list-all-zones

  2. For each relevant <zone_name> (such as default and where ssh is present), run:

    sudo firewall-cmd --permanent --zone=<zone_name> --add-port=17472/tcp

  3. Restart the firewall.

    sudo systemctl restart firewalld

Remove or deny port 17472
  1. List the zones.

    sudo firewall-cmd --list-all-zones

  2. For each relevant <zone_name> where port 17472 is present, run:

    sudo firewall-cmd --permanent --zone=<zone_name> --remove-port=17472/tcp

  3. Restart the firewall.

    sudo systemctl restart firewalld

Version 11.x and 12.X

The following table lists the commands for managing firewall rules for versions 11.x and 12.x of OpenSUSE and SUSE Linux Enterprise Server (SLES):

Table 4:   Firewall commands for OpenSUSE and SLES 11.x and 12.x
Tasks Commands
View port 17472 status sudo grep "FW_SERVICES_EXT_TCP=" /etc/sysconfig/SuSEfirewall2 | egrep "[ \"]17472[ \"]"
Add or allow port 17472
  1. Open the /etc/sysconfig/SuSEfirewall2 file for editing, add port 17472 to the line FW_SERVICES_EXT_TCP=, and save your changes.
  2. Restart the firewall.

    sudo SuSEfirewall2 start

Remove or deny port 17472
  1. Open the /etc/sysconfig/SuSEfirewall2 file for editing, remove port 17472 from the line FW_SERVICES_EXT_TCP=, and save your changes.
  2. Restart the firewall.

    sudo SuSEfirewall2 start

Ubuntu

The following table lists the commands for managing firewall rules for Ubuntu 10.04, 14.04, 16.04, and 18.04 LTS:

Table 5:   Firewall commands for Ubuntu
Tasks Commands
View port 17472 status sudo ufw status | grep 17472

or

sudo iptables -L -n | grep 17472

Allow port 17472 sudo ufw allow 17472/tcp
Remove port 17472 sudo ufw delete allow 17472/tcp
Deny port 17472 sudo ufw deny 17472/tcp

Tanium Client package files for Linux

The Linux installer bundle (linux-client-bundle.zip) that you download through Tanium Client Management contains package installer files for every Linux distribution: see Tanium Client Management Guide: Download and deploy the installer bundle. You can also acquire the package file for your Linux distribution from Tanium Support: see Contact Tanium Support.

To verify the digital signature on RPM package files, use the public key at Tanium public key for Linux RPM files.

Table 6:   Tanium Client package files for Linux
Linux Distribution Latest Installation Package Files
Amazon Linux 2 LTS (2017.12) TaniumClient-7.4.4.1250-1.amzn2.x86_64.rpm
TaniumClient-7.4.4.1226-1.amzn2.x86_64.rpm
TaniumClient-7.4.2.2073-1.amzn2.x86_64.rpm

TaniumClient-7.4.2.2063-1.amzn2.x86_64.rpm
TaniumClient-7.4.2.2033-1.amzn2.x86_64.rpm

TaniumClient-7.4.1.1955-1.amzn2.x86_64.rpm

TaniumClient-7.2.314.3632-1.amzn2.x86_64.rpm

TaniumClient-7.2.314.3584-1.amzn2.x86_64.rpm
Amazon Linux AMI 2018.3 TaniumClient-7.4.4.1250-1.amzn2018.03.x86_64.rpm
TaniumClient-7.4.4.1226-1.amzn2018.03.x86_64.rpm
TaniumClient-7.4.2.2073-1.amzn2018.03.x86_64.rpm

TaniumClient-7.4.2.2063-1.amzn2018.03.x86_64.rpm
TaniumClient-7.4.2.2033-1.amzn2018.03.x86_64.rpm

TaniumClient-7.4.1.1955-1.amzn2018.03.x86_64.rpm

TaniumClient-7.2.314.3632-1.amzn2018.03.x86_64.rpm
TaniumClient-7.2.314.3584-1.amzn2018.03.x86_64.rpm
Amazon Linux AMI 2016.09 TaniumClient-7.2.314.2962-1.amzn2016.09.x86_64.rpm
Debian 10.x taniumclient-7.4.4.1250-debian10_i386.deb
taniumclient-7.4.4.1226-debian10_i386.deb
taniumclient-7.4.2.2073-debian10_i386.deb
taniumclient-7.4.2.2063-debian10_i386.deb

taniumclient-7.4.4.1250-debian10_amd64.deb
taniumclient-7.4.4.1226-debian10_amd64.deb
taniumclient-7.4.2.2073-debian10_amd64.deb
taniumclient-7.4.2.2063-debian10_amd64.deb

Debian 9.x taniumclient-7.4.4.1250-debian9_i386.deb
taniumclient-7.4.4.1226-debian9_i386.deb
taniumclient-7.4.2.2073-debian9_i386.deb
taniumclient-7.4.2.2063-debian9_i386.deb
taniumclient-7.4.2.2033-debian9_i386.deb
taniumclient-7.4.1.1955-debian9_i386.deb
taniumclient-7.2.314.3632-debian9_i386.deb
taniumclient-7.2.314.3584-debian9_i386.deb

taniumclient-7.4.4.1250-debian9_amd64.deb
taniumclient-7.4.4.1226-debian9_amd64.deb
taniumclient-7.4.2.2073-debian9_amd64.deb
taniumclient-7.4.2.2063-debian9_amd64.deb
taniumclient-7.4.2.2033-debian9_amd64.deb
taniumclient-7.4.1.1955-debian9_amd64.deb
taniumclient-7.2.314.3632-debian9_amd64.deb
taniumclient-7.2.314.3584-debian9_amd64.deb

Debian 8.x taniumclient-7.4.4.1250-debian8_i386.deb
taniumclient-7.4.4.1226-debian8_i386.deb
taniumclient-7.4.2.2073-debian8_i386.deb
taniumclient-7.4.2.2063-debian8_i386.deb
taniumclient-7.4.2.2033-debian8_i386.deb
taniumclient-7.4.1.1955-debian8_i386.deb
taniumclient-7.2.314.3632-debian8_i386.deb
taniumclient-7.2.314.3584-debian8_i386.deb

taniumclient-7.4.4.1250-debian8_amd64.deb
taniumclient-7.4.4.1226-debian8_amd64.deb
taniumclient-7.4.2.2073-debian8_amd64.deb
taniumclient-7.4.2.2063-debian8_amd64.deb
taniumclient-7.4.2.2033-debian8_amd64.deb
taniumclient-7.4.1.1955-debian8_amd64.deb
taniumclient-7.2.314.3632-debian8_amd64.deb
taniumclient-7.2.314.3584-debian8_amd64.deb

Debian 7.x, 6.x taniumclient-7.2.314.3632-debian6_i386.deb
taniumclient-7.2.314.3584-debian6_i386.deb

taniumclient_7.2.314.2962-debian6_i386.deb

taniumclient-7.2.314.3632-debian6_amd64.deb
taniumclient-7.2.314.3584-debian6_amd64.deb

taniumclient_7.2.314.2962-debian6_amd64.deb

Oracle Linux 8.x TaniumClient-7.4.4.1250-1.oel8.x86_64.rpm
TaniumClient-7.4.4.1226-1.oel8.x86_64.rpm
TaniumClient-7.4.2.2073-1.oel8.x86_64.rpm
TaniumClient-7.4.2.2063-1.oel8.x86_64.rpm
TaniumClient-7.2.314.3632-1.oel8.x86_64.rpm

Oracle Enterprise Linux 7.x TaniumClient-7.4.4.1250-1.oel7.x86_64.rpm
TaniumClient-7.4.4.1226-1.oel7.x86_64.rpm
TaniumClient-7.4.2.2073-1.oel7.x86_64.rpm
TaniumClient-7.4.2.2063-1.oel7.x86_64.rpm
TaniumClient-7.4.2.2033-1.oel7.x86_64.rpm
TaniumClient-7.4.1.1955-1.oel7.x86_64.rpm
TaniumClient-7.2.314.3584-1.oel7.x86_64.rpm
TaniumClient-7.2.314.2962-1.oel7.x86_64.rpm
Oracle Enterprise Linux 6.x TaniumClient-7.4.4.1250-1.oel6.i686.rpm
TaniumClient-7.4.4.1226-1.oel6.i686.rpm
TaniumClient-7.4.2.2073-1.oel6.i686.rpm
TaniumClient-7.4.2.2063-1.oel6.i686.rpm
TaniumClient-7.4.2.2033-1.oel6.i686.rpm
TaniumClient-7.4.1.1955-1.oel6.i686.rpm
TaniumClient-7.2.314.3584-1.oel6.i686.rpm
TaniumClient-7.2.314.2962-1.oel6.i686.rpm

TaniumClient-7.4.4.1250-1.oel6.x86_64.rpm
TaniumClient-7.4.4.1226-1.oel6.x86_64.rpm
TaniumClient-7.4.2.2073-1.oel6.x86_64.rpm
TaniumClient-7.4.2.2063-1.oel6.x86_64.rpm
TaniumClient-7.4.2.2033-1.oel6.x86_64.rpm
TaniumClient-7.4.1.1955-1.oel6.x86_64.rpm
TaniumClient-7.2.314.3584-1.oel6.x86_64.rpm
TaniumClient-7.2.314.2962-1.oel6.x86_64.rpm

Oracle Enterprise Linux 5.x TaniumClient-7.4.4.1250-1.oel5.i386.rpm
TaniumClient-7.4.4.1226-1.oel5.i386.rpm
TaniumClient-7.4.2.2073-1.oel5.i386.rpm
TaniumClient-7.4.2.2063-1.oel5.i386.rpm
TaniumClient-7.4.2.2033-1.oel5.i386.rpm
TaniumClient-7.4.1.1955-1.oel5.i386.rpm
TaniumClient-7.2.314.3584-1.oel5.i386.rpm
TaniumClient-7.2.314.3236-1.oel5.i386.rpm
TaniumClient-7.2.314.2962-1.oel5.i386.rpm

TaniumClient-7.4.4.1250-1.oel5.x86_64.rpm
TaniumClient-7.4.4.1226-1.oel5.x86_64.rpm
TaniumClient-7.4.2.2073-1.oel5.x86_64.rpm
TaniumClient-7.4.2.2063-1.oel5.x86_64.rpm
TaniumClient-7.4.2.2033-1.oel5.x86_64.rpm
TaniumClient-7.4.1.1955-1.oel5.x86_64.rpm
TaniumClient-7.2.314.3584-1.oel5.x86_64.rpm
TaniumClient-7.2.314.3236-1.oel5.x86_64.rpm
TaniumClient-7.2.314.2962-1.oel5.x86_64.rpm

Red Hat / CentOS 8.x TaniumClient-7.4.4.1250-1.rhe8.x86_64.rpm
TaniumClient-7.4.4.1226-1.rhe8.x86_64.rpm
TaniumClient-7.4.2.2073-1.rhe8.x86_64.rpm
TaniumClient-7.4.2.2063-1.rhe8.x86_64.rpm
TaniumClient-7.4.2.2033-1.rhe8.x86_64.rpm
TaniumClient-7.4.1.1955-1.rhe8.x86_64.rpm
TaniumClient-7.2.314.3632-1.rhe8.x86_64.rpm
TaniumClient-7.2.314.3584-1.rhe8.x86_64.rpm
Red Hat / CentOS 7.x TaniumClient-7.4.4.1250-1.rhe7.x86_64.rpm
TaniumClient-7.4.4.1226-1.rhe7.x86_64.rpm
TaniumClient-7.4.2.2073-1.rhe7.x86_64.rpm
TaniumClient-7.4.2.2063-1.rhe7.x86_64.rpm
TaniumClient-7.4.2.2033-1.rhe7.x86_64.rpm
TaniumClient-7.4.1.1955-1.rhe7.x86_64.rpm
TaniumClient-7.2.314.3584-1.rhe7.x86_64.rpm
TaniumClient-7.2.314.2962-1.rhe7.x86_64.rpm
Red Hat / CentOS 6.x TaniumClient-7.4.4.1250-1.rhe6.i686.rpm
TaniumClient-7.4.4.1226-1.rhe6.i686.rpm
TaniumClient-7.4.2.2073-1.rhe6.i686.rpm
TaniumClient-7.4.2.2063-1.rhe6.i686.rpm
TaniumClient-7.4.2.2033-1.rhe6.i686.rpm
TaniumClient-7.4.1.1955-1.rhe6.i686.rpm
TaniumClient-7.2.314.3584-1.rhe6.i686.rpm
TaniumClient-7.2.314.2962-1.rhe6.i686.rpm

TaniumClient-7.4.4.1250-1.rhe6.x86_64.rpm
TaniumClient-7.4.4.1226-1.rhe6.x86_64.rpm
TaniumClient-7.4.2.2073-1.rhe6.x86_64.rpm
TaniumClient-7.4.2.2063-1.rhe6.x86_64.rpm
TaniumClient-7.4.2.2033-1.rhe6.x86_64.rpm
TaniumClient-7.4.1.1955-1.rhe6.x86_64.rpm
TaniumClient-7.2.314.3584-1.rhe6.x86_64.rpm
TaniumClient-7.2.314.2962-1.rhe6.x86_64.rpm

Red Hat / CentOS 5.x TaniumClient-7.4.4.1250-1.rhe5.i386.rpm
TaniumClient-7.4.4.1226-1.rhe5.i386.rpm
TaniumClient-7.4.2.2073-1.rhe5.i386.rpm
TaniumClient-7.4.2.2063-1.rhe5.i386.rpm
TaniumClient-7.4.2.2033-1.rhe5.i386.rpm
TaniumClient-7.4.1.1955-1.rhe5.i386.rpm
TaniumClient-7.2.314.3584-1.rhe5.i386.rpm
TaniumClient-7.2.314.2962-1.rhe5.i386.rpm

TaniumClient-7.4.4.1250-1.rhe5.x86_64.rpm
TaniumClient-7.4.4.1226-1.rhe5.x86_64.rpm
TaniumClient-7.4.2.2073-1.rhe5.x86_64.rpm
TaniumClient-7.4.2.2063-1.rhe5.x86_64.rpm
TaniumClient-7.4.2.2033-1.rhe5.x86_64.rpm
TaniumClient-7.4.1.1955-1.rhe5.x86_64.rpm
TaniumClient-7.2.314.3584-1.rhe5.x86_64.rpm
TaniumClient-7.2.314.3236-1.rhe5.x86_64.rpm
TaniumClient-7.2.314.2962-1.rhe5.x86_64.rpm

SUSE Linux Enterprise Server (SLES) / OpenSUSE 15.x TaniumClient-7.4.4.1250-1.sle15.i586.rpm
TaniumClient-7.4.4.1226-1.sle15.i586.rpm
TaniumClient-7.4.2.2073-1.sle15.i586.rpm
TaniumClient-7.4.2.2063-1.sle15.i586.rpm
TaniumClient-7.4.2.2033-1.sle15.i586.rpm
TaniumClient-7.4.1.1955-1.sle15.i586.rpm
TaniumClient-7.2.314.3632-1.sle15.i586.rpm

TaniumClient-7.4.4.1250-1.sle15.x86_64.rpm
TaniumClient-7.4.4.1226-1.sle15.x86_64.rpm
TaniumClient-7.4.2.2073-1.sle15.x86_64.rpm
TaniumClient-7.4.2.2063-1.sle15.x86_64.rpm
TaniumClient-7.4.2.2033-1.sle15.x86_64.rpm
TaniumClient-7.4.1.1955-1.sle15.x86_64.rpm
TaniumClient-7.2.314.3632-1.sle15.x86_64.rpm

SUSE Linux Enterprise Server (SLES) / OpenSUSE 12.x TaniumClient-7.4.4.1250-1.sle12.i586.rpm
TaniumClient-7.4.4.1226-1.sle12.i586.rpm
TaniumClient-7.4.2.2073-1.sle12.i586.rpm
TaniumClient-7.4.2.2063-1.sle12.i586.rpm
TaniumClient-7.4.2.2033-1.sle12.i586.rpm
TaniumClient-7.4.1.1955-1.sle12.i586.rpm
TaniumClient-7.2.314.3584-1.sle12.i586.rpm
TaniumClient-7.2.314.2962-1.sle12.i586.rpm

TaniumClient-7.4.4.1250-1.sle12.x86_64.rpm
TaniumClient-7.4.4.1226-1.sle12.x86_64.rpm
TaniumClient-7.4.2.2073-1.sle12.x86_64.rpm
TaniumClient-7.4.2.2063-1.sle12.x86_64.rpm
TaniumClient-7.4.2.2033-1.sle12.x86_64.rpm
TaniumClient-7.4.1.1955-1.sle12.x86_64.rpm
TaniumClient-7.2.314.3584-1.sle12.x86_64.rpm
TaniumClient-7.2.314.2962-1.sle12.x86_64.rpm

SUSE Linux Enterprise Server (SLES) / OpenSUSE 11.x TaniumClient-7.2.314.3584-1.sle11.i586.rpm
TaniumClient-7.2.314.2962-1.sle11.i586.rpm

TaniumClient-7.2.314.3584-1.sle11.x86_64.rpm
TaniumClient-7.2.314.2962-1.sle11.x86_64.rpm

Ubuntu 20.04 LTS taniumclient_7.4.4.1250-ubuntu20_amd64.deb
taniumclient_7.4.4.1226-ubuntu20_amd64.deb
taniumclient_7.4.2.2073-ubuntu20_amd64.deb
taniumclient_7.4.2.2063-ubuntu20_amd64.deb
Ubuntu 18.04 LTS taniumclient_7.4.4.1250-ubuntu18_amd64.deb
taniumclient_7.4.4.1226-ubuntu18_amd64.deb
taniumclient_7.4.2.2073-ubuntu18_amd64.deb
taniumclient_7.4.2.2063-ubuntu18_amd64.deb
taniumclient_7.4.2.2033-ubuntu18_amd64.deb
taniumclient_7.4.1.1955-ubuntu18_amd64.deb
taniumclient_7.2.314.3632-ubuntu18_amd64.deb
taniumclient_7.2.314.3584-ubuntu18_amd64.deb
Ubuntu 16.04 LTS taniumclient_7.4.4.1250-ubuntu16_amd64.deb
taniumclient_7.4.4.1226-ubuntu16_amd64.deb
taniumclient_7.4.2.2073-ubuntu16_amd64.deb
taniumclient_7.4.2.2063-ubuntu16_amd64.deb
taniumclient_7.4.2.2033-ubuntu16_amd64.deb
taniumclient_7.4.1.1955-ubuntu16_amd64.deb
taniumclient_7.2.314.3632-ubuntu16_amd64.deb
taniumclient_7.2.314.3584-ubuntu16_amd64.deb
taniumclient_7.2.314.2962-ubuntu16_amd64.deb

taniumclient_7.4.4.1250-ubuntu16_arm64.deb
taniumclient_7.4.4.1226-ubuntu16_arm64.deb
taniumclient_7.4.2.2073-ubuntu16_arm64.deb
taniumclient_7.4.2.2063-ubuntu16_arm64.deb
taniumclient_7.4.2.2033-ubuntu16_arm64.deb
taniumclient_7.4.1.1955-ubuntu16_arm64.deb
taniumclient_7.2.314.3632-ubuntu16_arm64.deb
taniumclient_7.2.314.3584-ubuntu16_arm64.deb

Ubuntu 14.04 LTS taniumclient_7.4.4.1250-ubuntu14_amd64.deb
taniumclient_7.4.4.1226-ubuntu14_amd64.deb
taniumclient_7.4.2.2073-ubuntu14_amd64.deb
taniumclient_7.4.2.2063-ubuntu14_amd64.deb
taniumclient_7.4.2.2033-ubuntu14_amd64.deb
taniumclient_7.4.1.1955-ubuntu14_amd64.deb
taniumclient_7.2.314.3632-ubuntu14_amd64.deb
taniumclient_7.2.314.3584-ubuntu14_amd64.deb
taniumclient_7.2.314.2962-ubuntu14_amd64.deb

Install the Tanium Client on Linux

Use the endpoint CLI to install the Tanium Client. For details on using the CLI, see CLI on Non-Windows endpoints.

  1. Ensure that the Linux endpoint meets the basic requirements for the Tanium Client.
  2. Ensure that host and network firewalls are configured to allow inbound and outbound TCP traffic on port 17472: see Linux firewall rules.
  3. Sign into the Linux endpoint.
  4. Use the Tanium Client Management service to download the client installer bundle (linux-client-bundle.zip) to the Linux endpoint. For the procedure, see Tanium Client Management Guide: Download and deploy the installer bundle.

    The bundle contains the following files:

    • Installer package file for each Linux distribution (such as TaniumClient-7.4.2.2073-1.oel6.x86_64.rpm)
    • tanium-init.dat (Tanium Client 7.4 or later)
    • tanium.pub (Tanium Client 7.2)

    You can also download tanium-init.dat or tanium.pub through the Tanium Console (see Tanium Console User Guide: Download infrastructure configuration files (keys)) and request the installer package from Tanium Support (see Contact Tanium Support). However, the installation process for Tanium Client 7.4.4 or later requires fewer manual configuration steps if you download tanium-init.dat through Client Management.

  5. Copy the installer bundle to a temporary folder on the Linux endpoint and uncompress the bundle:

    unzip linux-client-bundle.zip

  6. Run the appropriate installation command to install the package and generate a default configuration file.

    The RPM installers for Redhat and SUSE have command syntax similar to the following example:

    sudo rpm -i TaniumClient-7.4.2.2073-1.oel6.x86_64.rpm

    The Debian installers for Debian and Ubuntu have command syntax similar to the following example:

    sudo dpkg -i taniumclient_7.4.2.2073-debian6_amd64.deb

  7. Use the CLI to configure the following basic Tanium Client settings:
    ServerName or ServerNameList In a deployment with a standalone Tanium Server, set the ServerName to the server FQDN or IP address. In a deployment with Tanium Zone Servers or multiple Tanium Servers, configure ServerNameList with the FQDN or IP address of each server, separated with a comma.

    If the tanium-init.dat file for Tanium Client 7.4.4 specifies ServerNameList, you do not need to configure ServerName or ServerNameList. By default, the tanium-init.dat that you download through Client Management specifies ServerNameList, while the the tanium-init.dat that you download through the Tanium Console does not. For Tanium Client 7.2, 74.1, or 7.4.2, you must specify ServerName or ServerNameList.

    LogVerbosityLevel

    The following decimal values are best practices for specific use cases:

    • 0: Disable logging. This is the best practice value for clients installed on sensitive endpoints or virtual desktop infrastructure (VDI) endpoints.
    • 1 (default): This is the best practice value during normal operation.
    • 41: This is the best practice value during troubleshooting.
    • 91 or higher: Enable the most detailed log levels for short periods of time only.

    For details on additional settings that you can configure, see Tanium Client settings.

    The following example commands are for a deployment with HA Tanium Servers and Zone Servers.

    cd <Tanium Client installation folder>
    sudo ./TaniumClient config set ServerNameList ts1.example.com,ts2.example.com,zs1.example.com,zs2.example.com
    sudo ./TaniumClient config set LogVerbosityLevel 1

  8. Start the Tanium Client service: see Manage the Tanium Client service on Linux.

    Before proceeding, wait a few minutes for the Tanium Client to register.

  9. Verify that the client installed correctly and can communicate with the Tanium Server. From the Main menu, go to Administration > Management > Client Status. If the installation and registration succeeded, the client appears in the grid.

    To find a specific Tanium Client, enter a text string in the Show Rows Containing field above the grid to filter it by Host Name or Network Location (IP address).


Manage the Tanium Client service on Linux

Linux service commands vary according to Linux distribution. This documentation provides examples but is not a reference for each Linux distribution. If you are not already familiar with installing and managing services on your target Linux distribution, please review the documentation for the particular Linux operating system before you begin.

Linux Distribution Example Commands
Amazon Linux systemctl start taniumclient

systemctl stop taniumclient

Debian service taniumclient start

service taniumclient stop

Oracle Enterprise Linux systemctl start taniumclient (Version 7, 8)

systemctl stop taniumclient (Version 7, 8)

service TaniumClient start (Version 5, 6)

service TaniumClient stop (Version 5, 6)

Red Hat / CentOS systemctl start taniumclient (Version 7, 8)

systemctl stop taniumclient (Version 7, 8)

service TaniumClient start (Version 5, 6)

service TaniumClient stop (Version 5, 6)

SUSE / OpenSUSE service taniumclient start

service taniumclient stop

Ubuntu systemctl start taniumclient (Version 16, 18, 20)

systemctl stop taniumclient (Version 16, 18, 20)

service taniumclient start (Versions 14, 10)

service taniumclient stop (Version 14, 10)

Example: Add custom tags to the Tanium Client installation directory

You can add a custom tags file to the Tanium Client installation directory to enable using the tags in Tanium workflows. For example, you can ask a question that uses the Custom Tags sensor or create a computer group that selects computers based on the tag.

To add tags to the Tanium Client installation directory:

  1. Create a file named CustomTags.txt in the /opt/Tanium/TaniumClient/Tools directory.
  2. Open the file in a text editor (such as vi) and add tags. Tags are strings. Use one string per line and no spaces.
  3. Save the file. A restart is not required.

    The following example shows a Tanium Client installation directory that is set up with a custom tag named Lab.

After you add the custom tags, you can use them to create a computer group as follows.

  1. From the Main menu, go to Administration > Management > Computer Groups and click New Group.
  2. Enter a Name to identify the group.

    In the Filter Bar, use the Custom Tags sensor to define group membership, as shown in Figure  1.

    Figure  1:  Using custom tags to select a computer group
  3. Save your changes.

You can use the Tanium packages named Custom Tagging - Add Tags and Custom Tagging - Add Tags (Non-Windows) to deploy tags at scale. The results are exactly the same as the manual procedure shown here. For more information, see the Tanium Support Knowledge Base article on custom tags (sign in required).

Uninstall the Tanium Client on Linux

On RPM-based Linux distributions such as Red Hat or SUSE, run the following CLI command to uninstall the Tanium Client:

rpm -e $(rpm -qa --queryformat "%{NAME}\n"| grep -e '[Tt]anium[Cc]lient')

On Debian-based Linux distributions, run the following CLI command to uninstall the Tanium Client:

dpkg -P taniumclient