Jamf Nation Community

We built the following Extension Attribute to capture this a long while back now. I believe this still works as of today, but I need to go back and look to be sure. We don't seem to have that many of our Macs with any current Hot Fixes for McAfee installed. If the file that stores this info isn't present, in my testing, it meant that no HFs were installed. If its there, it captures the contents. Note that it only lists them by their HotFix designation, which is pretty much all you'd need, since there's never really a proper name for them.

Give this a try. You may need to adjust it or experiment with it a bit though.

#!/bin/sh

HFXML="/usr/local/McAfee/AntiMalware/var/HFSP-Version.xml"

if [ -e "${HFXML}" ]; then
    RESULT=$(awk -F'>|<' '/Version[0-9]/{print $3}' "${HFXML}")
    if [ ! -z "$RESULT" ]; then
        echo "<result>${RESULT}</result>"
    else
        echo "<result>None Installed</result>"
    fi
else
    echo "<result>None Installed</result>"
fi

I created an EA and tried both of these scripts in it. Neither script worked for me. I am extremely new to the whole scripting thing, so I am not quite sure what I am doing wrong. The script works when I run it by itself from terminal.

@Philip.kubala Standard question, but, have any of your Macs reported in with new inventory since you set up the EA(s)? Nothing gets populated in a new EA until they do a 'recon'

I completely forgot about that... I just tried it again with both scripts and it is getting an Unknown error when run the sudo jamf recon command from my test machine.

You're getting an "unknown error" when running a sudo jamf recon? If so, that's an issue with the machine, not with the EA or script. Sounds like it needs to be re-enrolled into the Jamf console to me.