Help

Trigger policy based off console log entry

jpace
New Contributor

Posted on ‎09-26-2018 07:59 AM

Basically I want to call jamfhelper every time the screen saver exits or the screen wakes. Not sure exactly how to do this or if its even possible.

Labels:
0 Kudos
2 REPLIES 2

allanp81
Valued Contributor

Posted on ‎09-26-2018 08:05 AM

I don't think you can, the only regular check a client makes is the checkin period which I think defaults to 15 minutes.

You can run a launchdaemon that in turn runs a script that checks the state of the HID idle time, ie. when was the keyboard or mouse last physically moved or touched.

0 Kudos

ryan_ball
Valued Contributor

Posted on ‎09-26-2018 12:45 PM

I spent more time on this than I should have :) but this might work for you:

#!/bin/bash

log="/Library/Logs/Wake_Monitor/Wake_Monitor.log"
jamfHelper="/Library/Application Support/JAMF/bin/jamfHelper.app/Contents/MacOS/jamfHelper"

function writelog () {
    DATE=$(date +%Y-%m-%d %H:%M:%S)
    /bin/echo "${1}"
    /bin/echo "$DATE" " $1" >> "$log"
}

function wake_monitor () {
    log stream --style syslog | grep --line-buffered 'sendNotificationOf kShieldWindowIsLowered' | 
    while read -r; do
        writelog "Informing user of something with jamfHelper."
        sleep 5
        result=$("$jamfHelper" -windowType utility -title "Example" -description "Press a button!" -button1 "OK" -button2 "Cancel" 2&> /dev/null)
        if [[ "$result" == 0 ]]; then
            writelog "OK was pressed."
        elif [[ "$result" == 2 ]]; then
            writelog "Cancel was pressed."
        fi
     done
}

mkdir -p /Library/Logs/Wake_Monitor

# Begin our never ending loop
while true; do
    wake_monitor
done

This would apply to I think 10.12.6 and above, as syslog is accessed via the log command now. I am on Mojave (10.14) doing my testing. You would have to set up a LaunchDaemon to make this actually work, as it would need to run all the time - big caveat but this would do what you want.