Map requirements

Review the requirements before you install and use Map.

Tanium dependencies

In addition to a license for the Map product module, make sure that your environment also meets the following requirements.

Component Requirement
Tanium™ Core Platform
  • 7.2.314.2831 or later
  • 7.3.314.3420 or later

  • or later
Tanium™ Client

For more information about specific Tanium Client versions, see Tanium Client Deployment Guide: Client host system requirements.

For Map on Tanium™ as a Service, use Tanium Client or later.

One of the following 7.2 Tanium Client versions is required as a minimum:

  • 7.2.314.3476 and later with the exception of 7.2.314.3518 (Linux, MacOS*, Windows)
  • 7.2.314.3608 (MacOS 10.15.x and later)

* = MacOS earlier than 10.15.x Catalina and later clients are supported on Map 2.0.1 and later.

If you use a client version that is not listed, certain product features might not be available, or stability issues can occur that can only be resolved by upgrading to one of the listed client versions.

Tanium™ Module Server

Map is installed and runs as a service on the Module Server host computer. The impact on the Module Server is minimal and depends on usage.


Supported operating systems

The following endpoint operating systems are supported with Map. Map uses the Tanium™ Client Recorder Extension to gather data from endpoints.

Operating SystemVersion
  • Windows 7 or later
  • Windows Server 2008 R2 with SP1 or later
  • Windows XP and Windows Server 2003 are not supported
macOSSame as Tanium Client support. See Tanium Client User Guide: Host system requirements.

Same as Tanium Client support. See Tanium Client User Guide: Host system requirements.

For Linux endpoints:

  • Install the most recent stable version of the audit daemon and audispd-plugins. For information on deprecated parameters in the audit daemon configuration, see Tanium Client Recorder Extension User Guide. See the specific operating system documentation for instructions.
  • Be aware that when using immutable "-e 2" mode, the recorder adds Tanium audit rules in front of the immutable flag. When using the -e 2 flag on Linux, the endpoint must be restarted after the recorder is enabled.
  • Be aware that when using the failure "-f 2" mode, the Linux kernel panics in the event that auditd message is lost. The recorder does not add audit rules if this configuration is detected.

Disk space requirements

Up to 1 GB of free disk space might be required for the Map database.

CPU and memory requirements

The CPU demand on the endpoint averages less than 1%. For full-functionality a minimum of two CPUs per endpoint is required. The Tanium Client Recorder Extension cannot operate on less than 2 CPU cores.

A minimum of 4 GB RAM is recommended on each endpoint device.

Host and network security requirements

Specific ports and processes are needed to run Map.


SourceDestinationPort ProtocolPurpose
Module ServerTanium as a ServiceEndpoints80TCPApplication discovery

Application discovery

17272TCPApplication discovery
17473TCPApplication discovery

For Tanium as a Service ports, see Tanium as a Service Deployment Guide: Host and network security requirements.

Security exclusions

If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference. For a list of all security exclusions to define across Tanium, see Tanium Core Platform Deployment Reference Guide: Host system security exclusions.

Table 1:   Map security exclusions
Target DeviceNotesProcess
Module Server <Tanium Module Server>\services\map-service\node.exe
Windows endpoints7.2.x clients<Tanium Client>\Python27\TPython.exe
7.4.x clients<Tanium Client>\Python38\TPython.exe
7.4.x clients<Tanium Client>\Python38\*.dll
 <Tanium Client>\TaniumCX.exe
 Linux endpoints7.2.x clients<Tanium Client>/python27/bin/pybin
7.4.x clients

<Tanium Client>/python38/python

 <Tanium Client>/TaniumCX
macOS endpoints <Tanium Client>/TaniumCX


Table 2:   Map security exclusions
Target DeviceNotesProcess
Windows endpoints7.4.x clients<Tanium Client>\Python38\TPython.exe
7.4.x clients<Tanium Client>\Python38\*.dll
 <Tanium Client>\TaniumCX.exe
Linux endpoints7.4.x clients

<Tanium Client>/python38/python

 <Tanium Client>/TaniumCX
macOS endpoints <Tanium Client>/TaniumCX

User role requirements

Table 3:   Map user role permissions
PrivilegeMap AdministratorMap OperatorMap UserMap Read Only UserMap Service Account

Show Map

Access Map workbench

Map Application Definition Read

Read map application definitions

Map Application Definition Write

Edit map application definitions

Map Operator Settings Read

Read most map settings

Map Operator Settings Write

Edit most map settings

Map Settings Read

Read all map settings


Map Settings Write

Edit all map settings

1 Denotes a provided permission.



Table 4:   Provided Map Advanced user role permissions
PermissionContent Set for PermissionMap AdministratorMap OperatorMap UserMap Read Only User
Execute PluginMap