Help

Is there an easy documentation for building customized analytics?

n0z
New Contributor

Posted on ‎04-14-2022 02:27 AM

Hello all,

I am looking for a workshop or tutorial guide on creating own Analytics. For example, I would like to create an analytic that identifies the download of certain files by their names.

Are there any materials for this?

0 Kudos
1 REPLY 1

matteo_bolognin
New Contributor II
New Contributor II

Posted on ‎04-14-2022 03:38 AM

A good place where to start could be looking at some of the built-in Analytics that use the GPDownloadEvent Sensor, for example SuspiciousFileDownload or FlashDownloadNotSignedByAdobe.

There is also an example in this post

Files Downloaded from the Internet
Sensor Type: GPDownloadEvent
true == true


The GPDownloadEvent provides visibility into any file that gets downloaded on the system using Apple’s APIs.
For general reference on Custom Analytic and how-to: https://github.com/jamf/jamfprotect/tree/main/custom_analytic_detections