Question

Best API's for Splunk Integration for making Detections?

2 years ago
March 3, 2023
0 replies
0 views

jbondsec

Hi, currently we have JAMF Pro integrated into Splunk.

We want to see the following logs but the API documentation is not clear on what logs they provide.

List of API's: https://developer.jamf.com/jamf-pro/reference/jamf-pro-api

We want log data that reflects the following activities:

JAMF admin login

Permission changes

Malicious Software push

Exclusion groups

Presence of APIs

What is the best way to figure out which API can give us these logs without trying out each API manually and digging through data.

Be the first to reply!

Reply

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos + marketing

Reply

Related topics

WWDC25 Recap, In-Person Experience and Key Announcements for IT Admins

Preparing to Migrate to Jamf Cloud

Announcing Vulnerability Data Stream in Jamf Security Cloud

You Still Use a Printer?

IT Systems Administrator

Most helpful members this week

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings