Reveal requirements

Review the requirements before you install and use Reveal.

Review the requirements before you use Reveal.

Tanium dependencies

In addition to a license for the Reveal product module, make sure that your environment also meets the following requirements.

Reveal deploys the Tanium Index tools if necessary and starts the indexing process. Additionally, Reveal deploys a default Index configuration. Ensure that any file types or directories that you expect Reveal to scan are not excluded from hashing. By default, the following directories are excluded from hashing:

• ^/Library/Tanium/TaniumClient/ (macOS)

• ^/opt/Tanium/TaniumClient/ (Linux)

• \\Tanium\\Tanium Client\\ (Windows)

Tanium Module Server

Reveal is installed and runs as a service on the Tanium Module Server. The impact on the Module Server is minimal and depends on usage.

Endpoints

Up to 2 GB of free disk space is required on each endpoint.

Host and network security requirements

Specific ports and processes are needed to run Reveal.

Ports

The following ports are required for Reveal communication.

Security exclusions

If security software is in use in the environment to monitor and block unknown host system processes, your security administrator must create exclusions to allow the Tanium processes to run without interference.

Table 2:   Reveal security exclusions

Target Device	Notes	Process
Module Server		<Tanium Module Server>\services\reveal-service\node.exe
Windows endpoints		<Tanium Client>\TaniumCX.exe
		<Tanium Client>\Tools\EPI\TaniumExecWrapper.exe
		<Tanium Client>\Tools\EPI\TaniumEndpointIndex.exe
		<Tanium Client>\Tools\Reveal\TaniumReveal.exe
		<Tanium Client>\TaniumClientExtensions.dll
		<Tanium Client>\TaniumClientExtensions.dll.sig
		<Tanium Client>\extensions\RevealCX.dll
		<Tanium Client>\extensions\RevealCX.dll.sig
		<Tanium Client>\extensions\TaniumDEC.dll
		<Tanium Client>\extensions\TaniumDEC.dll.sig
		<Tanium Client>\extensions\core\libTaniumPythonCx.dll
		<Tanium Client>\extensions\core\libTaniumPythonCx.dll.sig
	7.2.x clients	<Tanium Client>\Python27\TPython.exe
	7.4.x clients	<Tanium Client>\Python38\TPython.exe
	7.2.x clients	<Tanium Client>\Python38\*.dll
Linux endpoints		<Tanium Client>/TaniumCX
		<Tanium Client>/Tools/EPI/TaniumExecWrapper
		<Tanium Client>/Tools/EPI/TaniumEndpointIndex
		<Tanium Client>/Tools/Reveal/TaniumReveal
		<Tanium Client>/libTaniumClientExtensions.so
		<Tanium Client>/libTaniumClientExtensions.so.sig
		<Tanium Client>/extensions/libRevealCX.so
		<Tanium Client>/extensions/libRevealCX.so.sig
		<Tanium Client>/extensions/libTaniumDEC.so
		<Tanium Client>/extensions/libTaniumDEC.so.sig
		<Tanium Client>/extensions//core/libTaniumPythonCx.so
		<Tanium Client>/extensions/core/libTaniumPythonCx.so.sig
	7.2.x clients	<Tanium Client>/python27/python
	7.4.x clients	<Tanium Client>/python38/python
macOS endpoints		<Tanium Client>/TaniumCX
		<Tanium Client>/Tools/EPI/TaniumExecWrapper
		<Tanium Client>/Tools/EPI/TaniumEndpointIndex
		<Tanium Client>/Tools/Reveal/TaniumReveal
		<Tanium Client>/libTaniumClientExtensions.dylib
		<Tanium Client>/libTaniumClientExtensions.dylib.sig
		<Tanium Client>/extensions/libRevealCX.dylib
		<Tanium Client>/extensions/libRevealCX.dylib.sig
		<Tanium Client>/extensions/libTaniumDEC.dylib
		<Tanium Client>/extensions/libTaniumDEC.dylib.sig
		<Tanium Client>/extensions/core/libTaniumPythonCx.dylib
		<Tanium Client>/extensions/core/libTaniumPythonCx.dylib.sig
	7.2.x clients	<Tanium Client>/python27/python
	7.4.x clients	<Tanium Client>/python38/python

Table 3:   Reveal security exclusions

Target Device	Notes	Process
Windows endpoints		<Tanium Client>\TaniumCX.exe
		<Tanium Client>\Tools\EPI\TaniumExecWrapper.exe
		<Tanium Client>\Tools\EPI\TaniumEndpointIndex.exe
		<Tanium Client>\Tools\Reveal\TaniumReveal.exe
		<Tanium Client>\TaniumClientExtensions.dll
		<Tanium Client>\TaniumClientExtensions.dll.sig
		<Tanium Client>\extensions\RevealCX.dll
		<Tanium Client>\extensions\RevealCX.dll.sig
		<Tanium Client>\extensions\TaniumDEC.dll
		<Tanium Client>\extensions\TaniumDEC.dll.sig
		<Tanium Client>\extensions\core\libTaniumPythonCx.dll
		<Tanium Client>\extensions\core\libTaniumPythonCx.dll.sig
	7.4.x clients	<Tanium Client>\Python38\TPython.exe
Linux endpoints		<Tanium Client>/TaniumCX
		<Tanium Client>/Tools/EPI/TaniumExecWrapper
		<Tanium Client>/Tools/EPI/TaniumEndpointIndex
		<Tanium Client>/Tools/Reveal/TaniumReveal
		<Tanium Client>/libTaniumClientExtensions.so
		<Tanium Client>/libTaniumClientExtensions.so.sig
		<Tanium Client>/extensions/libRevealCX.so
		<Tanium Client>/extensions/libRevealCX.so.sig
		<Tanium Client>/extensions/libTaniumDEC.so
		<Tanium Client>/extensions/libTaniumDEC.so.sig
		<Tanium Client>/extensions//core/libTaniumPythonCx.so
		<Tanium Client>/extensions/core/libTaniumPythonCx.so.sig
	7.4.x clients	<Tanium Client>/python38/python
macOS endpoints		<Tanium Client>/TaniumCX
		<Tanium Client>/Tools/EPI/TaniumExecWrapper
		<Tanium Client>/Tools/EPI/TaniumEndpointIndex
		<Tanium Client>/Tools/Reveal/TaniumReveal
		<Tanium Client>/libTaniumClientExtensions.dylib
		<Tanium Client>/libTaniumClientExtensions.dylib.sig
		<Tanium Client>/extensions/libRevealCX.dylib
		<Tanium Client>/extensions/libRevealCX.dylib.sig
		<Tanium Client>/extensions/libTaniumDEC.dylib
		<Tanium Client>/extensions/libTaniumDEC.dylib.sig
		<Tanium Client>/extensions/core/libTaniumPythonCx.dylib
		<Tanium Client>/extensions/core/libTaniumPythonCx.dylib.sig
	7.4.x clients	<Tanium Client>/python38/python

User role requirements

Use role-based access control (RBAC) permissions to restrict access to Reveal functions.

Table 4:   Tanium Reveal User Role Privileges

Permission	Reveal Administrator	Reveal Operator	Reveal Read Only User	Reveal Service Account	Reveal User
Show Reveal Access to the Reveal workbench
Reveal Affected Files Enables viewing of affected files
Reveal Quick Search Enables viewing of quick search results
Reveal Rules Deploy Enables the deployment of rules to endpoints
Reveal Rules Deploy Status Access to the Reveal workbench	1	1			1
Reveal Rules Read Enables the viewing and listing of rules	1	1			1
Reveal Rules Write Enables the editing of rules
Reveal Rule Sets Read Enables the viewing and listing of rule sets	1	1			1
Reveal Rule Sets Write Enables the editing of rule sets
Reveal Service User Enables a user to perform work as the service account user
Reveal Service User Read Allows viewing details of the service account user	1
Reveal Service User Write Enables modifications to the service user account
Reveal Snippets Enables viewing of snippets of affected files.
Reveal Use API Perform Reveal operations using the API	1		1	1	1
Reveal Validations Deploy Enables the deployment of validations to endpoints
Reveal Validations Deploy Status Enables viewing of the status of validation deployments	1	1			1
Reveal Validations Read Enables viewing and listing of validations	1	1			1
Reveal Validations Write Enables the editing of validations
Reveal Settings Read Enables viewing and listing Reveal settings	1
Reveal Settings Write Enables the editing of Reveal settings
Reveal Operator Settings Read Enables viewing and listing Reveal settings	1	1
Reveal Operator Settings Write Enables the editing of Reveal settings
Reveal Admin Perform administrative functions for the Reveal module
Trends Integration Service Account Provides access for module service accounts to read and write data, and to define sources and boards.
1 Denotes a provided permission.

For more information and descriptions of content sets and permissions, see the Tanium Core Platform User Guide: Users and user groups.

Last updated: 9/18/2020 1:06 PM | Feedback