Installing Deploy

You can install Deploy from the Tanium Solutions page.

Before you begin

Import Deploy

Import Deploy from the Tanium Solutions page.

For environments that are configured with an Active/Active Tanium Server configuration, this process must be performed on both Tanium Servers.

  1. From the Main menu, click Tanium Solutions.
  2. Under Tanium Deploy, click Import.

    Tanium Deploy is a licensed solution. If Tanium Deploy is not enabled for import on the Tanium Solutions page, contact your TAM.

  3. In the Content Import Preview window, you can expand the package to review the Tanium content that is being installed.
  4. Initiate the import.
  5. After the installation process completes, click Close.
  6. To confirm the installation, return to the Tanium Solutions page and check the Installed: X.X.X.XX version for Deploy.

    If you do not see the Deploy module in the console, refresh your browser.

Set the service account

For recurring maintenance activities, specify a Tanium user with administrator or content administrator permissions. Specifying these credentials is a one-time configuration. No other credentials need to be added.

  1. From the Deploy home page, in the Configure Deploy section, click the Configure Service Account step and click Configure Service Account.

    If the Configure Deploy section is not visible in the Deploy home page, click Manage Home Page, select Configure Deploy, and click Save.

  2. Enter the Tanium credentials and click Set Credentials.

Install the Tanium End-User Notifications solution

By installing the Tanium End-User Notifications solution, you can create a notification message with your deployment to notify the user that the system is about to begin a deployment, has completed a deployment, and if postponements are enabled, to give the user the option to postpone the deployment or restart now.

  1. From the Deploy home page, in the Configure Deploy section, click the Import End-User Notifications step and click Import End-User Notifications.

    If the Configure Deploy section is not visible in the Deploy home page, click Manage Home Page, select Configure Deploy, and click Save.

  2. Review the list of packages and sensors and click Proceed with Import.
  3. To distribute the end user notification tools to endpoints, Add computer groups to Deploy action group and Initialize endpoints.
  4. To check if your endpoints have the end user notification tools, ask the question: Get Has End User Notification Tools from all machines with Is Windows = "true"

After you upgrade the Tanium End-User Notifications solution, you must delete your existing Scheduled Action deployment and follow the deployment process again.

Organize computer groups

One way to deploy packages or bundles is by computer group. Create relevant computer groups to organize your endpoints. Some options include:

  • Endpoint type, such as servers or employee workstations
  • Endpoint location, such as by country or time zone
  • Endpoint priority, such as business-critical machines

For more information, see Tanium Core Platform User Guide: Managing computer groups.

Add computer groups to Deploy action group

Importing the Deploy module automatically creates an action group to target specific endpoints. Select the computer groups to include in the Deploy action group. By default, Deploy targets No Computers.

  1. From the Deploy home page, in the Configure Deploy section, click the Select Computer Groups step and click Configure Action Group.

    If the Configure Deploy section is not visible in the Deploy home page, click Manage Home Page, select Configure Deploy, and click Save.


  2. Select the computer groups that you want to include in the action group. If you select multiple computer groups, choose an operand (AND or OR) to combine the groups.
  3. (Optional) In the All machines currently included in this action group section, review the included endpoints.

    These results might take a few moments to populate.

  4. Click Save.

Initialize endpoints

Deploy installs a set of tools on each endpoint that you have targeted. Initializing the endpoints starts the Deploy service and starts the Deploy process on every endpoint where it is not running.

This action is reissued on an hourly basis.

  1. From the Deploy home page, in the Configure Deploy section, click the Initialize Endpoints step and click Initialize Endpoints.

    If the Configure Deploy section is not visible in the Deploy home page, click Manage Home Page, select Configure Deploy, and click Save.


  2. Enter your password and click Confirm.

After deploying the tools for the first time, endpoints can take up to four hours to display status.

Upgrade Deploy

You can upgrade Deploy by importing it in the Tanium Console.

For environments that are configured with an Active/Active Tanium Server configuration, this process must be performed on both Tanium Servers.

  1. From the main menu, select Tanium Solutions.
  2. Locate Deploy and click Upgrade to <version>.
    A progress bar is displayed as the installation package is downloaded.
  3. Click Continue.
    The Import Solution page opens with a list of all changes and import options.
  4. Initiate the import.
  5. Enter your password and click OK.
  6. When the upgrade is complete, click Close.
  7. To confirm the upgrade, return to the Tanium Solutions page and check the Installed: X.X.X.XX version for Deploy.

    If the Deploy version has not updated in the console, refresh your browser.

  8. If you upgraded to Deploy 1.1, you must Set the service account and Initialize endpoints again.

What to do next

See Getting started for more information about using Deploy.

Last updated: 11/27/2018 12:49 PM | Feedback