- Jamf Nation Community
- Products
- Jamf Pro
- Extension Attribute for Cortex XDR version
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-16-2024 10:47 AM
I suck at writing extension attributes... I need one that will determine the version number currently installed on a Mac. I have a Smart group setup to filter out current versions, leaving computers with old versions. I need the EA so when I pull a report, I can not only see what version is installed, but compare it to the macOS that is installed on that same machine. Is there a tool or something to help create an EA like this?
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-16-2024 04:42 PM
I tried your code, just to see if it worked and it didn't. So I fired up ChatGPT and gave it a go and with a couple tweaks to the code it provided, I found a workable solution.
#!/bin/bash
# Path to the Cortex XDR app
CORTEX_XDR_APP="/Applications/Cortex XDR.app"
if [ -d "$CORTEX_XDR_APP" ]; then
# Get the version number from the app's Info.plist
CORTEX_XDR_VERSION=$(defaults read "$CORTEX_XDR_APP/Contents/Info.plist" CFBundleShortVersionString)
echo "<result>$CORTEX_XDR_VERSION</result>"
else
echo "<result>Not Installed</result>"
fi
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-16-2024 11:58 AM
Getting the syntax right is tough, especially when you're not used to writing them. That said, this is a wonderful use of ChatGPT. This kind of thing is where it generally excels. You still need to test and verify what it's spitting out to you, but it does this kind of thing well and much faster.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-16-2024 12:02 PM
I'm game to try. How would I even word the request? I have used ChatGPT exactly once. LOL
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-16-2024 01:02 PM
I literally just copy and pasted your question into ChatGPT, and it spit out a pretty complete answer. The more specific you are, the better your response. The answer wasn't perfect but it was pretty close.
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-16-2024 01:04 PM
Certainly! Let's customize the Extension Attribute (EA) script specifically for **Cortex XDR** to determine its installed version on a Mac and compare it with the macOS version.
### **Customized Extension Attribute Script for Cortex XDR**
```bash
#!/bin/bash
# Path to Cortex XDR VersionInfo.plist
versionPlist="/Library/Application Support/PaloAltoNetworks/Traps/VersionInfo.plist"
# Check if the Cortex XDR agent is installed
if [ -f "$versionPlist" ]; then
# Get the Cortex XDR agent version
cortexVersion=$(defaults read "$versionPlist" CFBundleShortVersionString)
else
cortexVersion="Not Installed"
fi
# Get the macOS version
osVersion=$(sw_vers -productVersion)
# Output the result in Jamf-friendly format
echo "<result>Cortex XDR Version: $cortexVersion | macOS Version: $osVersion</result>"
```
### **Explanation of the Script**
- **Path Definition**:
- `versionPlist`: Defines the path to the `VersionInfo.plist` file, which contains the version information for Cortex XDR.
- **Check if Cortex XDR is Installed**:
- The script checks if the `VersionInfo.plist` file exists.
- If it does, it reads the `CFBundleShortVersionString` to get the Cortex XDR version.
- If not, it sets the `cortexVersion` variable to `"Not Installed"`.
- **Get macOS Version**:
- Uses `sw_vers -productVersion` to get the current macOS version.
- **Output**:
- Echoes the result in a format that Jamf can interpret as an Extension Attribute result.
- The output includes both the Cortex XDR version and the macOS version.
### **Steps to Implement the Extension Attribute in Jamf**
1. **Open Jamf Pro**:
- Log in to your Jamf Pro console.
2. **Navigate to Extension Attributes**:
- Go to **Computers** > **Settings** > **Computer Management** > **Extension Attributes**.
3. **Create a New Extension Attribute**:
- Click **New** to create a new Extension Attribute.
4. **Configure the Extension Attribute**:
- **Name**: Enter a descriptive name, e.g., `Cortex XDR and macOS Versions`.
- **Data Type**: Choose `String`.
- **Inventory Display**: Select `General`.
- **Input Type**: Choose `Script`.
5. **Insert the Script**:
- Paste the customized script into the script area.
6. **Save**:
- Click **Save** to store the Extension Attribute.
### **Testing the Extension Attribute**
- **Policy Execution**:
- Run a policy to execute inventory collection on a test Mac to ensure the Extension Attribute is working.
- Alternatively, wait for the next scheduled inventory update.
- **Verify Results**:
- Check the computer's inventory record in Jamf Pro to see if the Extension Attribute is displaying the correct versions.
### **Using the Extension Attribute in Reports**
- **Smart Groups**:
- Create Smart Groups based on the Extension Attribute to identify Macs with outdated versions of Cortex XDR.
- **Advanced Searches**:
- Use the Extension Attribute in Advanced Computer Searches to generate reports.
### **Additional Tips**
- **Ensure Correct Paths**:
- Verify that the path to `VersionInfo.plist` is correct on your Macs. Some installations might use a different path or filename.
- **Alternate Method Using `sysctl`**:
- If the above method doesn't work, you can try using `sysctl` to get the Cortex XDR version:
```bash
#!/bin/bash
# Check if Cortex XDR is installed by checking sysctl cs.version
if sysctl cs.version >/dev/null 2>&1; then
cortexVersion=$(sysctl -n cs.version)
else
cortexVersion="Not Installed"
fi
# Get the macOS version
osVersion=$(sw_vers -productVersion)
# Output the result
echo "<result>Cortex XDR Version: $cortexVersion | macOS Version: $osVersion</result>"
```
- **Testing Locally**:
- Before deploying the EA, test the script locally on a Mac by running it in Terminal to ensure it returns the expected results.
### **Troubleshooting**
- **Permission Issues**:
- Ensure that the Jamf agent has the necessary permissions to read the `VersionInfo.plist` file.
- **Different Installation Paths**:
- If you have customized the installation of Cortex XDR, adjust the script to point to the correct paths.
- **Script Debugging**:
- Add `echo` statements or use `set -x` at the beginning of the script for debugging purposes.
### **Conclusion**
By customizing the script for Cortex XDR, you can now collect both the Cortex XDR version and the macOS version across your managed Macs. This information can help you maintain compliance, ensure security, and streamline your update processes.
---
If you have any further questions or need additional assistance, feel free to ask!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-16-2024 04:42 PM
I tried your code, just to see if it worked and it didn't. So I fired up ChatGPT and gave it a go and with a couple tweaks to the code it provided, I found a workable solution.
#!/bin/bash
# Path to the Cortex XDR app
CORTEX_XDR_APP="/Applications/Cortex XDR.app"
if [ -d "$CORTEX_XDR_APP" ]; then
# Get the version number from the app's Info.plist
CORTEX_XDR_VERSION=$(defaults read "$CORTEX_XDR_APP/Contents/Info.plist" CFBundleShortVersionString)
echo "<result>$CORTEX_XDR_VERSION</result>"
else
echo "<result>Not Installed</result>"
fi