Performance requirements
Review the requirements before you install and use Performance.
Tanium dependencies
In addition to a license for the Performance product module, make sure that your environment meets the following requirements.
| Component | Requirement |
|---|---|
| Tanium™ Core Platform Servers | Version 7.2 or later |
| Tanium™ Client | Version 7.2.314.3211 or later |
| Tanium Direct Connect | Version 1.1.0 or later (Optional; for connecting directly to an endpoint to view historical data) |
| Tanium™ solutions that use the Tanium™ Client Recorder Extension | If you are using any of the following Tanium solutions that use the endpoint recorder, you must use the specified versions:
|
Endpoints
Performance is supported on the following endpoint operating systems:
- Windows 7 and later
- macOS 10.11 and later
- Red Hat Enterprise Linux (RHEL) 6.x, 7.x
- CentOS 6.x, 7.x
Support for specific metrics varies by operating system. For more information, see Reference: Event Rules.
Host and network security requirements
Specific ports and processes are needed to run Performance.
Ports
The following ports are required for Performance communication.
| Component | Port | Direction | Purpose |
|---|---|---|---|
| Module Server | 17475 | Inbound | Required only for Direct Connect. Used for connecting to the Module Server for direct connections to endpoints. |
Security exclusions
A security administrator must create exclusions to allow Tanium processes to run without interference if security software is in use in the environment to monitor and block unknown host system processes.
| Target device | Process |
|---|---|
| Tanium Module Server | <Tanium Module Server>\services\performance\node.exe |
| <Tanium Module Server>\services\event-service\twsm.exe | |
| Windows x86 and x64 endpoints | <Tanium Client>\Tools\Performance\TaniumTSDB.exe |
| macOS, and Linux x86 and x64 endpoints | <Tanium Client>/Tools/Performance/TaniumTSDB |
User role requirements
| Privilege | Performance Administrator | Performance Service Account | Performance User |
|---|---|---|---|
|
Show Performance1 View Performance workbench. |
 2
|
|
2
|
|
Performance Administer View all pages in Performance. Update settings, profiles, and the service account credentials. Can generate and retrieve a support bundle. |
|
|
|
|
Performance Direct Connect Read3 Connect to an endpoint using Direct Connect and read data from that endpoint. |
2
|
|
|
|
Performance Event Read View performance events. |
2
|
|
|
|
Performance Profile Read View performance profiles. |
2
|
|
|
|
Performance Settings Read View performance settings. |
2
|
|
|
|
Performance Components Manage Manage back-end components for Performance, such as actions. |
|
|
|
|
1 To install Performance, you must have the reserved role of Administrator. 2 Denotes an implicit permission that is provided by a privilege with a higher permission level. For example, a write permission provides an implicit read permission. 3 Also requires the Direct Connect Use API privilege for the Direct Connect service. |
|||
| Permission | Content Set for Permission | Performance Administrator | Performance Service Account | Performance User |
|---|---|---|---|---|
| Ask Dynamic Questions |
|
|
|
|
| Read Sensor | Reserved |
|
|
|
| Read Sensor | Base |
|
|
|
| Read Sensor | Performance |
|
|
|
| Read Sensor | Hardware |
|
|
|
| Read Plugin | Performance |
|
|
|
| Execute Plugin | Performance |
|
|
|
| Read Saved Question | Reserved |
|
|
|
| Read Saved Question | Base |
|
|
|
| Read Saved Question | Performance |
|
|
|
| Read Saved Question | Hardware |
|
|
|
Last updated: 11/21/2019 10:28 AM | Feedback