Anyone else see "sentry.pub.jamf.build" in their computer traffic

No idea what it is, but i see it hitting my firewall too.

I also saw this when I launched Composer—thanks Little Snitch! According to the logs, actually, it has been going on since at least September 2020 (I don't usually launch Composer on this Mac).

I decided to try using Charles Proxy as a MITM. Decoding was successful.

This is the conversation that Composer had with Jamf:

API CALL

:method: POST
:scheme: https
:path: /api/10/store/
:authority: sentry.pub.jamf.build
accept: */*
content-type: application/json
accept-language: en-us
accept-encoding: br, gzip, deflate
content-encoding: gzip
user-agent: sentry-cocoa
content-length: 0
x-sentry-auth: Sentry sentry_version=7,sentry_client=sentry-cocoa/5.0.4,sentry_timestamp=1616088163,sentry_key=78ddbb873d634ed1a509b2af040cfe10

DATA SENT TO JAMF

{
    "extra": {},
    "message": "Startup completed",
    "timestamp": "2021-03-18T17:22:43Z",
    "release": "com.jamfsoftware.Composer@10.24.2+10.24.2-t1600451425",
    "dist": "RELEASE",
    "tags": {
        "DURATION": "00:00:04"
    },
    "breadcrumbs": [{
        "message": "Breadcrumb Tracking",
        "timestamp": "2021-03-18T17:22:32Z",
        "level": "info",
        "type": "debug",
        "category": "started"
    }],
    "level": "info",
    "platform": "cocoa",
    "sdk": {
        "name": "sentry.cocoa",
        "version": "5.0.4"
    },
    "contexts": {
        "os": {
            "build": "18G8022",
            "rooted": false,
            "kernel_version": "Darwin Kernel Version 18.7.0: Tue Jan 12 22:04:47 PST 2021; root:xnu-4903.278.56~1/RELEASE_X86_64",
            "name": "macOS",
            "version": "10.14.6"
        },
        "device": {
            "free_memory": 2798387200,
            "arch": "x86",
            "family": "macOS",
            "memory_size": 17179869184,
            "storage_size": 499963174912,
            "model": "MacBookPro14,2",
            "boot_time": "2021-03-14T18:14:09Z",
            "timezone": "PDT",
            "usable_memory": 16489644032
        },
        "app": {
            "app_id": "91DC99E0-6763-3012-A760-402590FC88C7",
            "app_version": "10.24.2",
            "app_identifier": "com.jamfsoftware.Composer",
            "app_start_time": "2021-03-18T17:22:32Z",
            "device_app_hash": "f23c56b26ad6e8801daf5116a3ebaa7e0a866114",
            "app_build": "10.24.2-t1600451425",
            "build_type": "unknown",
            "app_name": "Composer"
        }
    },
    "event_id": "c8b1586a31fa488cbdd9f89cdcf747db"
}

It appears to be sending analytics about the Mac that is running Composer. Nothing more.

@scafide , a little light on this one please?

There is a similar POST when Self Service is launched:

{
    "extra": {},
    "message": "Self Service Launched",
    "timestamp": "2021-03-18T22:42:43Z",
    "release": "com.jamfsoftware.selfservice.mac@10.26.1+10.26.1-t1606923553",
    "dist": "RELEASE",
    "tags": {},
    "breadcrumbs": [{
        "message": "Breadcrumb Tracking",
        "timestamp": "2021-03-18T22:42:43Z",
        "level": "info",
        "type": "debug",
        "category": "started"
    }],
    "level": "info",
    "platform": "cocoa",
    "sdk": {
        "name": "sentry.cocoa",
        "version": "5.2.2"
    },
    "contexts": {
        "os": {
            "build": "18G8022",
            "rooted": false,
            "kernel_version": "Darwin Kernel Version 18.7.0: Tue Jan 12 22:04:47 PST 2021; root:xnu-4903.278.56~1/RELEASE_X86_64",
            "name": "macOS",
            "version": "10.14.6"
        },
        "device": {
            "free_memory": 283066368,
            "arch": "x86",
            "family": "macOS",
            "memory_size": 17179869184,
            "storage_size": 499963174912,
            "model": "MacBookPro14,2",
            "boot_time": "2021-03-14T18:14:09Z",
            "timezone": "PDT",
            "usable_memory": 15576420352
        },
        "app": {
            "app_id": "C38BD1AA-8B7E-30F3-808B-2B629B04D672",
            "app_version": "10.26.1",
            "app_identifier": "com.jamfsoftware.selfservice.mac",
            "app_start_time": "2021-03-18T22:42:43Z",
            "device_app_hash": "e78a4fc34f8af9527fbfb72c3f30a8835e80a136",
            "app_build": "10.26.1-t1606923553",
            "build_type": "unknown",
            "app_name": "Self Service"
        }
    },
    "event_id": "6bad52a64f6249a090d5c522bd2feed6"
}

There doesn't appear to be any data tying this app to any specific customer. Perhaps we've stumbled upon one of the ways that Jamf measures the number of devices using its applications?

I was tasked to help configure EDR and thought of getting Little Snitch with the idea to utilize it on a clean machine to help establish a baseline. It has been a while since I used the app (previously licensed for version 3)

I too have noticed calls to that domain when Self Service is launched and wanted to add my notes to this thread, however I see you have already posted an update.

IMHO need to trust your MDM (or switch to a different platform). I'm not super concerned with the data gathered with this method, but Jamf should be more transparent about the fact and I expect them to be more transparent.