I'm looking to give a specific user access to flush specific computer logs on a policy. This is to allow SecOps to re-run policies that are set to once per computer. I set custom permissions as follows:
Jamf Pro Server Objects > Policies > Read
Jamf Pro Server Actions > Flush Policy Logs
This allows the user account to view the Policy and the associated logs, but clicking the "Flush" button on the log does not take any action. They are able to "Flush All" on the logs, but that would defeat the purpose of being able to re-run the policy on one specific computer. If I also enable Jamf Pro Server Objects > Policies > Update, the user is able to flush specific computer logs on the policies, but I do not wish to grant them access to change all of the policies present in Jamf.
From what I've read, the API isn't able to flush specific computer logs so I am unable to create a tool that utilizes the API for this goal.
I'm hoping for any suggestions on the feasibility of my request or permissions you have used to accomplish similar feats.
Solved! Go to Solution.