Question

Extension Attribute to Detect Stuck MDM Commands Using Logs or API?

8 months ago
November 18, 2024
3 replies
4 views

falc0n
New Contributor
3 replies

Hi Jamf Community,

I’m working on setting up an Extension Attribute (EA) to automatically detect devices with stuck MDM commands (e.g., commands that are pending or failed for an extended period). The goal is to use this EA as a trigger for a self-healing policy that runs once daily for affected devices.

Here’s what I’ve considered so far:

1. API Approach:

• I explored the Jamf API but haven’t found an endpoint that provides detailed or reliable information about stuck commands.

• If there’s a way to identify such commands via the API, I’d love some pointers or examples!

2. Local Machine Logs Approach:

• This seems like the most promising path. My idea is to check logs on the local machine for the last executed MDM command and flag devices where no command has been executed in the past 24 hours (or based on statuses).

• Are there specific logs or methods Can I extract this information programmatically?

If anyone has experience implementing a similar solution or insights into logs, commands, or API usage for this purpose, I’d greatly appreciate your help.

Thanks in advance for sharing your expertise!

+13

Shyamsundar
Jamf Heroes
296 replies
8 months ago
November 18, 2024

I don't believe we have the option to create an EA to find devices with pending or failed MDM commands. Instead, you can issue remote commands to cancel all pending and failed MDM commands. To do this,

open a smart group that contains all the Mac devices
click on "Action
select "Cancel Management Command,"
click "Next"
choose "Cancel all Failed and Pending Commands."

+11

A_Collins
Contributor
85 replies
8 months ago
November 18, 2024

The command you are looking is

curl -X 'GET' \\
  '$yourjssurl/JSSResource/computerhistory/id/cmpJSS_ID(you can get ths with another query)/subset/Commands' \\
  -H 'accept: application/xml' \\
  -H 'Authorization: Bearer $yourtoken'

This will give you all commands history computer has, completed, failed and pending. Then you can filter pending and failed ones using jq or grep/sed

BookMac
Jamf Heroes
74 replies
7 months ago
November 28, 2024

Hey @falc0n,

i've looked for a similar solution and build this here:
Clear_failed_MDM_Commands

Maybe this one helps you?

Reply

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos + marketing

Reply

Related topics

need to access firewall settingsicon

G36 - Add additional Wifi Routericon

SBG10 release / renew DHCP DNS using GUIicon

How to change Wifi name and password on SBV3202icon

how to connect the blink cameras with SBG7600AC2icon

Most helpful members this week

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings