Verifying the installation
Log into the Tanium™ Console to verify proper communication among deployment components:
- Successful installation of Tanium™ content packs verifies communication with content.tanium.com.
- Successful installation of Tanium™ Interact verifies communication between the Tanium™ Server and Module Server.
- Successful registration by Tanium™ Clients verifies communication with clients.
- From a web browser, open the Tanium Console URL. The Tanium Console URL has the following form:
- Log in with the administrator username and password you set when you ran the installation wizard.
When you first log into the Tanium™ Console, it automatically initiates the following actions:
- Imports the Initial Content
- Basecontent pack. The Initial Content packs include the sensors, packages, saved questions, and dashboards that are essential for getting started with Tanium.
- Imports the Client Maintenance content pack. The Client Maintenance pack includes the sensors, packages, actions, and saved questions that are used to perform hygiene checks on Tanium Clients.
- Imports the Tanium™ Interact workbench. The Interact workbench includes the user interface for questions and results.
Go to the Tanium Console info page (https://<fqdn>/info) and search for Module Count. It should list the remote Module Server. If it lists 127.0.0.1, it is using the local Module Server, and you must revisit the steps you took to install the Tanium Server and remote Module Server.
This installation guide includes a brief section on deploying Tanium Client so that you can use basic client-server registration to verify successful installation of the Tanium™ Core Platform server components. For comprehensive information on client deployment options, see the Tanium Client Deployment Guide.
Before you begin
- You have a Windows computer on which you can install the Tanium™ Client Deployment Tool (CDT).
- Network firewall rules allow the Tanium CDT to make connections to the target endpoints.
- You know the username and password of an administrator account that can log into the target endpoint and install the Tanium Client.
- You have downloaded the Tanium Server public key file so you can include it in Tanium Client installation packages.
Install the CDT
- Right-click the TaniumClientDeploymentToolSetup.exe file and select Run as administrator.
The installation wizard prompts you for one value—the installation directory. The default is C:\Program Files (x86)\Tanium\Tanium Client Deployment Tool.
- In Windows, select Start > Tanium Client Deployment Tool to open the tool.
- Click OK to download the latest endpoint software.
The software is downloaded to C:\Program Files (x86)\Tanium\Tanium Client Deployment Tool\clients\.
- If you plan to use Microsoft PSExec to push Tanium Client to endpoints:
- Under Settings, specify:
Tanium pub file Type or browse to the Tanium Server public key file. The default installation location is C:\Program Files\Tanium\Tanium Server\tanium.pub. The Tanium Server public key you specify here is included in the Tanium Client installation. Server Name
The Tanium Server FQDN, such as ts1.example.com. The Tanium Client registers with the Tanium Server you specify here.
In high availability deployments and deployments with Zone Servers, you can list the FDQNs for all servers, using commas as separators. For example: ts1.example.com,ts2.example.com,zs1.example.com.
Port Port that Tanium Clients use to communicate with their designated peers and with the Tanium Server. The default is 17472. Log Verbosity Level
The following decimal values are best practices for specific use cases:
- 0: Disable logging. This is the best practice value for clients installed on sensitive endpoints or virtual desktop infrastructure (VDI) endpoints.
- 1: This is the best practice value during normal operation.
- 41: This is the best practice value during troubleshooting.
- 91 or higher: Enable the most detailed log levels for short periods of time only.
- For deployments to Windows endpoints, specify:
Username Local or domain user with administrative privileges on the targeted endpoints. The deployment tool uses this account when it connects to the targeted endpoint and executes the client installer. Password The corresponding password. Target Folder Override Specify an installation folder if you do not want to use the default. On Windows, the default is C:\Program Files (x86)\Tanium\Tanium Client. Execution Method For Windows endpoints, specify which Windows operating system command line utility the tool uses to analyze target computers and perform the remote installation of the client:
- PSEXEC: Best practice option because it is faster.
- WMIC: Best practice option if analysis using PSEXEC returns endpoints with OS Unknown and status Processing.
Impersonate User Select this option to use the PSEXEC user impersonation option. The credentials specified in the Settings section are used to connect to endpoint using a PSEXEC process that is run under those credentials on the Client Deployment tool host computer. Those credentials are also used to install the client.
- Use the Active Directory
tab to search for the target endpoints.
- Domain: Specify the Active Directory domain to which the targeted endpoints belong. For example, example.com.
- Connect using credentials: Select this option to use the administrator credentials specified in Settings instead of the logged in user credentials.
- Include computers in child containers: When this option is unchecked, computer names from endpoints within only the first level are included in the target list, not computers contained in child containers. When checked, all computers within an Organizational Unit or container and all child Organization Units or containers are included in the list.
- Click Analyze to query the AD tree and populate the results table. Click Retry Bind if necessary in the event the AD query fails.
- Select one or more rows in the results table and click Install.
The Status table has information about the installation attempt. Review the information to confirm deployment. Click Clear Completed or Clear All to clear Status table entries.
- Go to Administration > System Status to review recent client registration details.
- In Interact, verify the endpoints respond to the following query:
Get Computer Name and Tanium Server Name from all machines
- Review the results grid to verify that all endpoints with Tanium Client software installed are now reporting.
Last updated: 12/18/2018 10:34 AM | Feedback