Question

Is there easy documentation for building customized analytics?

  • April 14, 2022
  • 1 reply
  • 9 views

Hello all,

I am looking for a workshop or tutorial guide on creating my own Analytics. For example, I would like to create an analytic that identifies the download of certain files by their names.

Are there any materials for this?

1 reply

matteo_bolognin

A good place to start could be looking at some of the built-in Analytics that use the GPDownloadEvent Sensor, for example SuspiciousFileDownload or FlashDownloadNotSignedByAdobe.

There is also an example in this post

Files Downloaded from the Internet
Sensor Type: GPDownloadEvent
true == true


The GPDownloadEvent provides visibility into any file that gets downloaded on the system using Apple’s APIs.
For general reference on Custom Analytic and how-to: https://github.com/jamf/jamfprotect/tree/main/custom_analytic_detections