can i create a smart group based on the status of a policy?

guliciuk
New Contributor III

i need to replace an AV solution on a big nr of macbooks.
i want to create a smart group with the laptops that have successfully uninstalled the old AV ( using the policy status) and apply the install policy for the new AV on that smart group.

The issue is that i have no clue if this smart group can be done . Maybe with Extension Attributes?

Does anyone has any ideeas about this, or an alternate solution? I can't just wait for all the PC's to uninstall the old AV, might take a few days for this to finish and remaining without a AV solution in that time is impossible for me.

6 REPLIES 6

sdagley
Esteemed Contributor II

@adrian.guliciuc I'd recommend having an EA that checks to see if the old AV is installed, and use that as the criteria to check for not installed in a Smart Group to target for installation of your new AV. And have another EA to check for the new AV being installed, and use that as the criteria in a Smart Group to exclude in your policy that deploys the new AV software.

guliciuk
New Contributor III

Yeah, i thought of using EA, it's just that i'm not very sure how to create one to check for a specific software. And i'm not sure how often it updates the result.

Madmax85
New Contributor III

You should be able to use an EA like @sdagley mentioned to check if the old AV is installed or missing and then create a smart groups off of that to use for your policies.

As far as how often the result is updated for the computer record, it should update whenever the computer's inventory updates. Ours is set to once every day. You could also update inventory as part of your policy under the Maintenance section -> "Update Inventory" which would force an inventory update for that computer once the policy runs.

Here's a script we use in an EA to check if Carbon Black is installed for example:

#!/bin/bash

if [[ -d /Applications/CarbonBlack/ ]]; then
echo "<result>Installed</result>"
else
echo "<result>Missing</result>"
fi

sdagley
Esteemed Contributor II

@adrian.guliciuc EAs that are scripts are run every time a Mac collects inventory, and that's going to depend on how your Jamf Pro system is configured, and if you trigger an inventory in your policies (you'd definitely want to trigger an inventory scan in the policy that's removing or installing AV software).

As for how to write an EA script to check for specific software, that's going to depend on the software. You will find may examples to build from, or even directly usable, by searching Jamf Nation.

mm2270
Legendary Contributor III

If the software in question lives in a standard application path, like in /Applications/, then an EA might not be needed, since that would be captured (absence of it, or existence of it) during a regular inventory collection.
If the software doesn't live somewhere standard, or there are multiple pieces to it, like some special library files or other components that all need to be checked on, then you'd probably have to craft an EA to be sure its really uninstalled.

guliciuk
New Contributor III

@mm2270 You just gave me a very nice idea to mix EA with regular inventory collections as an redundancy check. Thanks for the help , everyone!!