Extension Attribute - Zscaler loggedin

aburrow007
New Contributor II

I'm trying to put together an Extension Attribute that will alert me to whether zscaler is logged in or not.

This is what I've come up with.  It works when run locally, and I thought it was working when run through Jamf but I'm noticing that machines are now reporting back as "No" when I have checked and zscaler is correctly logged in.  Just wondering if anyone else has an EA that they use or could tell me what's happening.

Thanks

#!/bin/bash

currentUser=`ls -l /dev/console | awk '{print $3}'`

if (security find-generic-password -l 'com.zscaler.tray'); then
echo "<result>Yes</result>"
else
echo "<result>No</result>"
fi

exit 0
1 ACCEPTED SOLUTION

AlexHoffman
New Contributor III

We use two different Extension attributes, one checks that the Zscaler tunnel is running (so user is logged in) and another to check if the Application is running. 

Tunnel Status is this code

#!/bin/bash

# check for process
PROCESS=$( pgrep ZscalerTunnel )

#see if process is running
if [[ -z "$PROCESS" ]]; then
        RESULT="Not Running"
    else
        RESULT="Running"
fi

#report results
echo "<result>${RESULT}</result>"

Check for Application running is this:

#/bin/bash
if ps auxwww | grep -i ZscalerTunnel | grep root >/dev/null 2>&1; then
RESULT="zscaler running"
else
RESULT="zscaler not running"
fi
echo "<result>$RESULT</result>"

 

View solution in original post

4 REPLIES 4

AlexHoffman
New Contributor III

We use two different Extension attributes, one checks that the Zscaler tunnel is running (so user is logged in) and another to check if the Application is running. 

Tunnel Status is this code

#!/bin/bash

# check for process
PROCESS=$( pgrep ZscalerTunnel )

#see if process is running
if [[ -z "$PROCESS" ]]; then
        RESULT="Not Running"
    else
        RESULT="Running"
fi

#report results
echo "<result>${RESULT}</result>"

Check for Application running is this:

#/bin/bash
if ps auxwww | grep -i ZscalerTunnel | grep root >/dev/null 2>&1; then
RESULT="zscaler running"
else
RESULT="zscaler not running"
fi
echo "<result>$RESULT</result>"

 

swapple
Contributor III

I wonder of there is any way to curl http://ip.zscaler.com to get an outside opinion. 

techfan42
New Contributor II

Your solution helped me with what I was looking for, thank you. I know this has been answered but I thought I would point out one thing. You are storing the currentUser as a variable but not calling that variable. You need to run the security command as the currentUser.

 

#!/bin/bash

currentuser=`ls -l /dev/console | awk '{print $3}'`

if (su - $currentUser -c "security find-generic-password -l 'com.zscaler.tray'"); then
echo "<result>Yes</result>"
else
echo "<result>No</result>"
fi

exit 0