Due to strong segregation of duties here, we have a lot of people using our JSS. As a result, we do not always know what they are doing with it.
Recently someone added a policy to distribute Adobe Flash. On every check-in. So it was installing every 30 minutes on every workstation.
We do not get notified when someone adds a policy. And we have hundreds of policies. So it’s not feasible for us to regularly scan all policies for bad execution. Thus it's hard to know when something like the above scenario occurs.
Does anyone know of a way to monitor the JSS for things like this? Any 3rd party products, scripts, policies, EA’s, or anything else that could alert us to “Hey, there are thousands of policies executing every hour” or any other such mistakes?
With your configuration, it's likely best if you either use Sites to restrict access, hire someone to monitor policies (watch jamf.log for repetition on the client machine), or invest in large amounts of Makers Mark.
I don't see an easy way to script monitoring. My policies are typically set to execute on every check in on all machines, excluding computer that don't need that thing done.
Technology won't solve this problem...
I guess you could always run a script that is constantly checking jamf.log for the wording when a new policy is created, then email a group to alert them.
But I would recommend you guys create a category called "to review" that new people can put policies in, and others can look at to approve before it goes live.