I have two reporting tasks in Jamf Pro that I dread every time I have to do them:
-
Creating a Security Stack report
-
Creating a report that shows which computers have a specific application installed and which do not
What I’m trying to do
For the security stack, we have (for example) 5 security products that should be installed across our fleet.
What I’ve been doing is exporting Computer Applications inventory and working from the CSV. The problem is the way Jamf structures the export:
-
The application name appears once
-
The rows beneath it (per computer) are blank until the next application name appears
-
Those blank rows still represent devices that have the app installed, but the format makes filtering, automation, and reporting extremely painful
I’ve worked with other tools where the export shows the application name on every row per computer, even if the version is the same, which makes reporting much easier.
What I’ve considered
The only reliable approach I can think of is using Extension Attributes that explicitly check for each application and return something like Installed / Not Installed, then exporting those EAs.
This applies to both use cases:
-
A Security Stack report (5 applications)
-
A single application report showing installed vs not installed devices
At this point, Extension Attributes feel like the only way to generate a single, clean report that includes both installed and not installed machines.
My question
Is there a better or more native way in Jamf Pro to handle this that I’m missing?
-
Is there a smarter way to build Advanced Computer Searches for this?
-
Is relying on Extension Attributes the expected approach here?
-
Or is there a reporting method that avoids having to parse the Applications inventory export?
Any insight from others who’ve solved this in Jamf would be appreciated.
