Performance requirements

Review the requirements before you install and use Performance.

Tanium dependencies

In addition to a license for Performance, make sure that your environment meets the following requirements.

Component	Requirement
Tanium™ Core Platform	7.2 or later
Tanium™ Client	7.2.314.3211 or later 7.4.1.1955 or later
Tanium products	If you clicked the Install with Recommended Configurations button when you installed Performance, the Tanium Server automatically installed all your licensed modules at the same time. Otherwise, you must manually install the modules that Performance requires to function, as described under Tanium Console User Guide: Manage Tanium modules. The following minimum versions are required: Tanium Initial Content - Hardware 7.1.10 or later The following modules are optional, but Performance requires the specified minimum versions to work with them: Tanium Direct Connect 1.1.0 or later (for connecting directly to an endpoint to view live and historical data) If you are using any of the following Tanium™ modules that use the Tanium™ Client Recorder Extension, you must use the specified versions: Tanium™ Integrity Monitor 1.7.0.0035 or later Tanium™ Map 1.1.1.0006 or later Tanium™ Threat Response 1.2.0.0037 or later Tanium™ Trace 2.9.0.0035 or later

Component

Requirement

Tanium™ Core Platform

7.2 or later

Tanium™ Client

7.2.314.3211 or later
7.4.1.1955 or later

Tanium products

If you clicked the Install with Recommended Configurations button when you installed Performance, the Tanium Server automatically installed all your licensed modules at the same time. Otherwise, you must manually install the modules that Performance requires to function, as described under Tanium Console User Guide: Manage Tanium modules.

The following minimum versions are required:

Tanium Initial Content - Hardware 7.1.10 or later

The following modules are optional, but Performance requires the specified minimum versions to work with them:

Tanium Direct Connect 1.1.0 or later (for connecting directly to an endpoint to view live and historical data)

If you are using any of the following Tanium™ modules that use the Tanium™ Client Recorder Extension, you must use the specified versions:

Tanium™ Integrity Monitor 1.7.0.0035 or later
Tanium™ Map 1.1.1.0006 or later
Tanium™ Threat Response 1.2.0.0037 or later
Tanium™ Trace 2.9.0.0035 or later

Endpoints

Supported operating systems

The following endpoint operating systems are supported with Performance.

Windows 7 and later
macOS 10.11 and later
Red Hat Enterprise Linux (RHEL) 6.x, 7.x
CentOS 6.x, 7.x

Support for specific metrics varies by operating system. For more information, see Reference: Event Rules.

Host and network security requirements

Specific ports and processes are needed to run Performance.

Ports

The following ports are required for Performance communication.

Component	Port	Direction	Purpose
Module Server	17475	Inbound	Required only for Direct Connect. Used for connecting to the Module Server for direct connections to endpoints.

Security exclusions

If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference.

Table 1: Performance security exclusions
Target device	Process
Tanium Module Server	<Module Server>\services\performance\node.exe
Tanium Module Server	<Module Server>\services\event-service\twsm.exe
Windows x86 and x64 endpoints	<Tanium Client>\Tools\Performance\TaniumTSDB.exe
	<Tanium Client>\Python27\TPython.exe (7.2.x clients)
	<Tanium Client>\Python38\TPython.exe (7.4.x clients)
	<Tanium Client>\Python38\*.dll (7.4.x clients)
macOS, and Linux x86 and x64 endpoints	<Tanium Client>/Tools/Performance/TaniumTSDB
	<Tanium Client>/python27/python (7.2.x clients)
	<Tanium Client>/python38/python (7.4.x clients)

User role requirements

Table 2: Performance user role privileges
Privilege	Performance Administrator	Performance User
Show Performance View Performance workbench.	¹	¹
Performance Administer View all pages in Performance. Update settings, profiles, and the service account credentials. Can generate and retrieve a support bundle.
Performance Direct Connect Read² Connect to an endpoint using Direct Connect and read data from that endpoint.	¹
Performance Event Read View performance events.	¹
Performance Profile Read View performance profiles.	¹
Performance Settings Read View performance settings.	¹
Performance Components Manage Manage back-end components for Performance, such as actions.
¹ Denotes an implicit permission that is provided by a privilege with a higher permission level. For example, a write permission provides an implicit read permission. ² Also requires the Show Direct Connect privilege for the Direct Connect service. ³ Also provides the Trends Integration Service Account privilege.

Table 3: Provided Advanced user role permissions for Tanium 7.1.314.3071 or later
Permission	Content Set for Permission	Performance Administrator	Performance Service Account	Performance User
Ask Dynamic Questions
Read Sensor	Reserved
Read Sensor	Base
Read Sensor	Performance
Read Sensor	Hardware
Read Plugin	Performance
Execute Plugin	Performance
Read Saved Question	Reserved
Read Saved Question	Base
Read Saved Question	Performance
Read Saved Question	Hardware