The tanium.license file located in the Tanium Server’s installation folder—by default, \Program Files\Tanium\Tanium Server\—sets the following limits on a deployment:
- The maximum number of managed computers the Tanium system will support
- The duration of time for which the Tanium platform provides full functionality
- The Tanium platform features authorized for use
- The IP Address or FQDN to define the URL to launch the console.
If the tanium.license file does not exist in the server’s installation folder, the system defaults to using the limits established for a pilot or evaluation deployment:
- Support for up to 50 managed devices: Servers, Workstations, or Laptops
- Authorization for all platform features
License Acquisition and Activation
Evaluation License <= 50 seats
- No action necessary to acquire or activate a license.
- After installing the Tanium application server, no tanium.license file exists in the server's installation folder. Consequently, the system uses the default license settings to enable an organization to manage the 50 most recently registered Tanium Clients installed to devices within an evaluation environment.
Production License or Evaluation License > 50 seats
- To acquire a production or evaluation license to manage more than 50 seats, provide your Tanium or Tanium partner account team with the Fully Qualified Domain Name or fixed IP address of the physical or virtual device that hosts the Tanium application server.
- The account team will process the request and return a tanium.license file.
- To activate the new license, rename the current version of the tanium.license file for back up if one exists within the Tanium Server's installation folder.
- Copy the tanium.license file delivered by the account team to the Tanium Server’s installation folder.
- The new license will be activated automatically within a few minutes; however, you may also restart the Tanium Server service to complete the new license activation process immediately
Tanium platform licensing FAQ’s
To minimize the effort associated with maintaining compliance to a Tanium software license contract and to discourage the practice of over-licensing software from fear of failing a vendor's software audit, the Tanium platform and underlying licensing algorithm include a number of built-in features to simplify license management and eliminate the expense of purchasing and tracking unnecessary licenses.
The platform maintains an internal counter to track the number of unique devices registered and reporting in to the system within the previous 30-day period. To view that count at any time:
- Navigate to Administration | System Status within the Console
- Select the option "Show systems that have reported in the last:"
- Enter the value "30" at the data entry field
- Set the duration dropdown list to "Days"
The system determines License compliance by subtracting the number of devices registered within the last 30 days from the "SeatCount" value defined in the tanium.license file:
Q. Our organization frequently re-images or refreshes our hardware. How do we reclaim unused licenses from the old systems so they can be used to manage the new ones?
- The license tracking feature requires no on-going maintenance for an organization to remain compliant with the terms of the software contract. If a device does not re-register within any 30-day period, the internal counter tracking the number of actively managed devices decreases by one, making the license available for use by another device.
- If the machines are being replaced faster than the old licenses are being released, a buffer of additional seats is available automatically to compensate for the difference in seat count while the system reclaims old licenses.
- The system rejects registration attempts from any additional devices until the license count is increased or licenses no longer in use are released by computers that have not re-registered.
- As a result, the system continues to provide full management of the licensed number of devices; however, the specific devices under management will be different at any point in time, again, until new licenses are added or unused licenses are released by computers that have not registered within the previous 30-day period.
- If the license goes into its grace mode, operators logging into the system see an alert to renew the license before the end of the grace period.
- The system continues to support the entitled number of devices after license expiration; however, if a replacement license is not activated by the end of the grace period, the system will revert to managing only the 50 most recently registered devices until a new license is put in place.
- Enable the Tanium Server log with a decimal value of 81.
- If logging is already enabled, make note of the Tanium Server's current logging level and update the setting to a decimal value of 81.
- After reviewing the licensing information described below, reset the server's logging level to its previous value or to zero to disable the logging.
- From a text editor:
- Open the current version of the log file, log0.txt, located within the server's installation folder.
- Scroll to the end of the file
- Search up for the string value "Opened License"
|ServerName||Address of the Tanium application server associated with the active license. Once activated, the tanium.license file allows access from a browser to the console only when the URL includes the server name value specified here. For example:
|Features||System functionality enabled by the license:
|SeatCount||Number of computers licensed to be managed by the platform. The server compares the number of computers registered over the last 30 days as reported in the console's System Status tab to the SeatCount value in the license file to determine compliance. If the number of registered computers exceeds the number of licensed seats by more than 10%, operators logging into the console see an alert warning that the system will continue to function, but will reject registration attempts from new devices until either additional licenses are purchased or the system reclaims unused licenses from managed computers that have not re-registered within the last 30 days.|
|Expiration||The date on which the license expires expressed as the number of days since the start of the Unix/POSIX Epoch time system, January 1, 1970.
|daysFromEpoch||The current date expressed as the number of days since the start of the Unix/POSIX Epoch time system, January 1, 1970.
|Days Left||Calculated as Expiration - daysFromEpoch
A positive value represents the number of days until the license expiration date:
A negative value represents the number of days since the license expiration date:
When a license expires, the system continues to function for a limited grace period. If a new license is not activated by the end of the grace period, the system will revert to "evaluation mode" which allows you to manage only the 50 most recently registered devices.