Skip to main content
Question

Jamf Protect Analytic Remediation

  • September 23, 2021
  • 1 reply
  • 21 views

Forum|alt.badge.img+1

We are in the early stages of deploying Jamf Protect at our organization and my question is around analytics and remediation steps.  I know you can configure Jamf Protect to update analytic actions to add to Jamf Pro Smart Computer Groups. 

 

Should the process be creating a smart computer group aligned with each individual analytic?  There's not a ton of documentation around remediation steps so I was curious to see what everyone else was doing to handle this?

1 reply

ThijsX
Forum|alt.badge.img+20
  • Employee
  • October 20, 2021

Hi @mrose50 

There are a couple of options;

- Per Analytic you want to do a remediation with Jamf Pro you can define a custom value which will be set in the Computers record -> Extension Attribute and create a specific workflow for this type of alert/analytic.

- For more common Analytics you want to do a remediation with Jamf Pro you can set a value like "Medium_Severity_Alert" for all those Analytics you want to do the same workflow with Protect and Pro.

The Jamf Protect documentation has been updated recently, see the first section for a similar workflow.
https://docs.jamf.com/jamf-protect/documentation/Setting_Up_Analytic_Remediation_With_Jamf_Pro.html

Hopefully this does make sense!

Cheers

Thijs