Searching for less-than app versions

Jason-
New Contributor II

If a certain app has a bug or a security flaw that is patched in a later version, and I want to know which Macs are still running any unpatched versions, is there no way to easily find that through advanced computer search?  Sure, I could try to export results and manipulate the spreadsheet, but seriously am I missing something?  Because that seems like it should be a very basic search function.

1 ACCEPTED SOLUTION

sdagley
Honored Contributor III

@cbrewer That functionality is actually supported now, but only for Patch Reporting titles. If you've got patch reporting enabled you'll have an option named Patch Reporting Software Title under Show Advanced Criteria when creating a Smart Group. Choose that criteria and you'll get a list of all your active Patch Reporting titles. When you add one of them as a criteria your operator options are is, is not, greater than, less than, greater than or equal, and less than or equal.

View solution in original post

8 REPLIES 8

junjishimazaki
Valued Contributor

Hi, you can create a smart group with 2 criterias. One is the "Application Title" use the "Is" operator with name of the app keep the "And" condition and the second criteria "Application Version" use the "Is not" operator with the version of the latest version of that app.

cbrewer
Valued Contributor II

Some of us prefer using regex matching for this. Regex will allow you to match against a version number or higher. See the following script for help generating the regex.

https://gist.github.com/talkingmoose/2cf20236e665fcd7ec41311d50c89c0e 

cbrewer
Valued Contributor II

And maybe someday Jamf will implement this feature request for higher than or less than application versions.

https://ideas.jamf.com/ideas/JN-I-21264 

sdagley
Honored Contributor III

@cbrewer That functionality is actually supported now, but only for Patch Reporting titles. If you've got patch reporting enabled you'll have an option named Patch Reporting Software Title under Show Advanced Criteria when creating a Smart Group. Choose that criteria and you'll get a list of all your active Patch Reporting titles. When you add one of them as a criteria your operator options are is, is not, greater than, less than, greater than or equal, and less than or equal.

mt-nw
New Contributor

Is it truly implemented though? The feature only works if the application is part of Patch Management. There are a ton of apps that Patch Management doesn't support. So again, we're left with a half-baked 'solution'. Not your fault, of course. I'm just ranting.

sdagley
Honored Contributor III

@mt-nw For things not in Patch Management, or for users who don't have access to Patch Management, using a regex in a Smart Group Application Version criteria works well, and https://github.com/moorereason/make_ge_version_regex/blob/master/make_ge_version_regex.sh,remains my preferred tool for creating those.

sdagley
Honored Contributor III

What @cbrewer said, but if you want the Smart Group to reflect Macs running versions older than the one the regex is created for the criteria would be "Does Not Match Regex".

I'd also suggest using https://github.com/moorereason/make_ge_version_regex/blob/master/make_ge_version_regex.sh, which is an optimized version of https://gist.github.com/talkingmoose/2cf20236e665fcd7ec41311d50c89c0e

 

Jason-
New Contributor II

Thank you for these suggestions, all.  I will look into them!