Anybody have a best practice for spotting policies that are running out of control?
Occasionally we will find a mis-configured policy that runs every day or every week with no control. Short of spot inspecting policy logs, is there a way anyone knows of to find these kinds of errors?
Well, from within MySQL, you could do some variants of a select.
select policy_id,name from policies where execution_frequency = “ongoing”; and trigger_event_checkin = “1” and use_for_self_service = "0";
for ongoing policies triggered by check in that aren't available in Self Service (since Self Service policies are commonly set to ongoing if they're meant to be always available).
describe policies; will give a list of the different fields that can be used in variants of the above.
Since those are select statements, it's not going to do any harm to the database but, as always, we recommend taking a backup before poking around in the MySQL CLI.
There’s probably a nicer, easier, more script-y or SQL query-like way to do it (that someone else here would be significantly better at than I am), but my first place to jump for things like that is right into MySQL if I’m just looking for a list and not a report.
JAMF Software Support
If anybody is wondering, the above sql query did not function on my DB, but this slightly altered query did:
SELECT policy_id,name FROM policies WHERE execution_frequency = 'ongoing' AND trigger_event_checkin = "1" AND use_for_self_service = "0";