Requirement: need to get check in / current ip of all the machines for about 1k machines in the network on regular intervals.
Since the Jamf server does not keep record of check in IPs, planning on scheduling a script to run every 15 minutes on all machines ( a simple command to echo `date +%T`,`curl ifconfig.me` ) to a log fine, the resulting log file needs to be pulled out to harvest/consolidate and create an inventory of all machines records probably in a database table. the challenge I'm trying to solve is the retrieval of the log file from all the machines to a central location
How secure is to use a script that uses creds in it though encrypted when applied via policy against all machines? and if we upload to the attachment section of machines in jamf, how easy it is to pull this to a central location for all the machines.. I'm assuming via an API if that is supported.
Also is there a good practice to copy the files from all machines to a central location, let's say an sFTP/ssh server/ a cloud s3 bucket etc?
Thanks in advance for any input.
JAMF does gather IP address with inventory updates, the IP is in the computer General tab. Collecting the IP Address and Reported IP Address in Jamf Pro - Technical Articles | Jamf
Putting credentials in a script, its not secure at all. Scripts stored on the device are in plaintext. Scripts sent from MDM can be intercepted by applications like WireShark and have the contents read.
If it was me doing this, I would have whatever tool you need to have the device IP information use JAMF API to pull the inventory record's and ingest the IP address. Assuming having the data in JAMF is not sufficient.