Question

Group Machines that have Violated Restricted Software

Forum|Forum|9 years ago
September 4, 2016
5 replies
42 views

M

+8

m_higgins
Contributor

Is it possible to make a smart group of machines that have violated a piece of Restricted Software

+18

davidacland
Valued Contributor
Forum|Forum|9 years ago
September 4, 2016

I've just had a look and it doesn't seem to be in the smart group criteria options.

You can use the "has xxxxx application installed" option, but there may be a delay before the info updates if inventory updates are weekly.

Like

M

+8

m_higgins
Author
Contributor
Forum|Forum|9 years ago
September 5, 2016

Yeah I was going to use this, the problem is, we have a particular piece of software that gets removed on Violation. Which then means the smart group doesn't work because they don't have it.

It doesn't even appear in the event logs!!

Like

+19

dpertschi
Contributor
Forum|Forum|9 years ago
September 5, 2016

As I recall restricted software actions are logged in the JSS server log if that helps you at all.

Like

M

+8

m_higgins
Author
Contributor
Forum|Forum|9 years ago
September 5, 2016

I will have to try and have a look. Not sure where the server logs are though

Like

P

+13

PhillyPhoto
Valued Contributor
Forum|Forum|9 years ago
October 5, 2016

A lazy man's way to do this would be emailed on violation, if you don't have direct access to the server log. It would be a lot more labor intensive to translate it all from email to static computer groups, but it is possible. Although a script and the API might work...

Like

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded