Prior to performing a Content Upgrade or using new content within a production environment, always validate the changes first within a test environment. The Tanium Server has no license requirements for up to 50 seats, so you can create a small test environment easily using SQL Express on a single VM. If you need a larger test environment, Contact your Tanium Technical Account Manager to acquire a second server license for testing purposes.
Notes on Key Pairs
It is advisable to document a checksum or hash value of each key in the key pair (private and public) along with the server the key came from. This data will help tremendously if the key and server name do not match.
While it is possible to share the private key file and public key file between different environments, generally it is not recommended. This is due to the added security risk of having the private key available on more systems as well as more complex situations that may arise from switching keys and environments.
If the Test Environment and Production Environment are being brought online at the same time, they will have the same initial state. Every effort should be made to ensure changes go from Test to Production in sequence so that the Production Server's state matches that of the Test Server.
If the Test Environment is brought online after the Production Environment, the Test Environment may use a copy of the Production Environment's database. To do this, back up the Production Server's 'tanium' database. Install the Test server, stop the Apache and Tanium Server services, and restore the Production database over the test database. Next, copy all the files in the Production server's Downloads directory to the Test server.
Performing this step would create the same Users, Sensors, Actions, Dashboard, Computer Groups, and all other items in the State of the other server. Culling Users may be an option to consider.
Once the Test environment is running, all Server and Client upgrades should be performed in the Test environment. Content Upgrades and the installation of new Content should take place in this environment.