Help

Jamf Protect Analytic Remediation

mrose50
New Contributor

Posted on ‎09-23-2021 02:59 PM

We are in the early stages of deploying Jamf Protect at our organization and my question is around analytics and remediation steps.  I know you can configure Jamf Protect to update analytic actions to add to Jamf Pro Smart Computer Groups. 

 

Should the process be creating a smart computer group aligned with each individual analytic?  There's not a ton of documentation around remediation steps so I was curious to see what everyone else was doing to handle this?

Reply
1 REPLY 1

ThijsX
Valued Contributor
Valued Contributor

Posted on ‎10-20-2021 03:56 AM

Hi @mrose50 

There are a couple of options;

- Per Analytic you want to do a remediation with Jamf Pro you can define a custom value which will be set in the Computers record -> Extension Attribute and create a specific workflow for this type of alert/analytic.

- For more common Analytics you want to do a remediation with Jamf Pro you can set a value like "Medium_Severity_Alert" for all those Analytics you want to do the same workflow with Protect and Pro.

The Jamf Protect documentation has been updated recently, see the first section for a similar workflow.
https://docs.jamf.com/jamf-protect/documentation/Setting_Up_Analytic_Remediation_With_Jamf_Pro.html

Hopefully this does make sense!

Cheers

Thijs

0 Kudos
Reply