Use software packages to install, update, or remove software on a set of target computers. Use software bundles to specify a sequenced list of software packages to deploy.
For applicability checks and command-line operations, make sure that all endpoints have the required system environment variables defined. For more information, see System environment variables.
- From the Deploy menu, click Software and then click New Software Package.
- In the Package Files section, click Add to add a local file, remote file, or remote folder.
These are the files that are needed to silently install an application on a managed device. They include, but are not limited to, msi or exe installers, resource files or folders, configuration files, custom scripts, custom registry files, or license keys.
If you select a remote file or remote folder, ensure that the account that runs the Tanium Deploy service has access to the remote location. By default, the Tanium Deploy service runs in the local system context. Hidden or administrative UNC shares are not supported within Tanium Deploy.
- In the General Information section, provide the general information, click Upload Icon to upload an icon, and select the OS platform.
If the package files include one or more Windows Installer packages (MSI file format), you can click Inspect to extract the general information from the .msi file and verify the pre-populated information. Clicking Inspect does not overwrite any information that you previously entered manually.
- In the Deploy Operations section, select Deploy operations: Install, Update, or Remove.
- In the System Requirements section, provide the minimum system requirements for the package to run on the endpoint.
- In the Requirements section, add a list of detection rules for prerequisite software. For more information, see Variables for applicability scans and command-line operations and WMI queries.
- (Optional) If the Update operation is selected, add a list of detection rules for previous versions. For more information, see Variables for applicability scans and command-line operations and WMI queries.
- In the Deploy Operation section, add conditional commands for any of the Deploy operations that you enabled for this package. For more information, see Variables for applicability scans and command-line operations.
Check for Running Processes
You can specify a process name and choose whether to kill or pause the process.
You can copy a file or folder, create a folder, delete a file or folder, extract a file or folder, or rename a file or folder. Supported file types for extracting a file are 7z, tar, zip, bzip2, gzip, xz, and Z.
You can specify an install, update, or remove command to run and choose whether to run the command as the System or the Active User. Use double quotes if any part of the path in a command contains a space, even if you use variables.
Tanium Client File Request
You can specify an HTTP(S) address or a UNC file path and file name. Any URI that you enter must be whitelisted on the Tanium Server. For more information, see Tanium Platform User Guide: Managing whitelisted URLs.
- In the Install Verification section, add a list of detection rules for installation verification. For more information, see Variables for applicability scans and command-line operations and WMI queries.
- Click Create Package. You can also click Save and Finish Later to finish creating the package later.
When you create a software package, you can use ||PROGRAMFILES32BIT||, ||PROGRAMFILES||, ||ACTIVEUSERPROFILE||, or ||ACTIVEUSERREGISTRY|| as variables for applicability scans and command-line operations. For the Requirements, Update Detection, and Install Verification sections, you can use these variables if you select the Registry Path, Registry Data, File Path or File Version filter fields.
|32-bit on 32-bit endpoint||||PROGRAMFILES32BIT||||C:\Program Files|
|32-bit on 64-bit endpoint||||PROGRAMFILES32BIT||||C:\Program Files (x86)|
|64-bit on 32-bit endpoint||||PROGRAMFILES||||C:\Program Files|
|64-bit on 64-bit endpoint||||PROGRAMFILES||||C:\Program Files|
Profile directory of the active authenticated user
Registry hive of the active authenticated user
Use double quotes if any part of the path in a command contains a space, even if you use variables.
You can use a WMI query to query information from WMI classes for any of the detection rules within a software package. If you use a WMI query, you cannot query against the Win32_Product WMI class.
For more information, see [Microsoft Documentation]: Win32_Product class.
You can export a software package so that you can later import the package on a different server or recreate a deleted package.
- From the Deploy menu, click Software.
- Click the name of your package and then click Export .
The ZIP file is available in your downloads folder.
You can import a previously exported software package on a different server or recreate a deleted package.
- From the Deploy menu, click Software and then click Import Package.
- Browse to the previously exported ZIP file and click Import.
- Click Upload File for any required files.
- Click Import or Import Duplicate if you are importing a duplicate package.
- Provide your password and click Confirm.
After you create or edit a software package, you are prompted to distribute the software package catalog to the endpoints. Click Distribute Catalog, provide your password, and click Confirm. When the endpoints receive the updated software package catalog, you can view the package applicability.
- From the Deploy menu, click Software.
You can also view the software package applicability by additionally clicking your package name.
- For more details about a specific applicability state, click Interact .
- You can also click Full Report to view the applicability details for the endpoints.
- From the Deploy menu, click Software and then click Software Bundles.
- Click New Software Bundle.
In the Software Bundle Details section, specify the bundle name and description and select the OS platform.
- In the Add Software section, select software options.
- Select which software packages you to want to add to the bundle.
- Select the deploy action: Install, Update, Remove, or Install Or Update.
- Select whether you want the bundle to exit or continue or if the package fails.
You can change the order of the packages by dragging the package, or by clicking the arrows next to the package number.
- Click Create Bundle.
To edit a package or bundle, click the name of your package or bundle and then click Edit.
When a software package or bundle is edited and saved, the version number of the package or bundle is incremented. All existing deployments continue to use the version that is specified at the time of deployment until the updated software package catalog is distributed.
To copy a package or bundle, click the name of your package or bundle and then click Copy.
When a software package or bundle is copied, the name is automatically prepended with copy - .
To delete a package or bundle, click the name of your package or bundle and then click Delete .
You can only delete a software package or bundle if it is not being referenced in an active deployment.
Last updated: 3/24/2020 3:04 PM | Feedback