Jamf Protect Analytic Remediation
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-23-2021 02:59 PM
We are in the early stages of deploying Jamf Protect at our organization and my question is around analytics and remediation steps. I know you can configure Jamf Protect to update analytic actions to add to Jamf Pro Smart Computer Groups.
Should the process be creating a smart computer group aligned with each individual analytic? There's not a ton of documentation around remediation steps so I was curious to see what everyone else was doing to handle this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-20-2021 03:56 AM
Hi @mrose50
There are a couple of options;
- Per Analytic you want to do a remediation with Jamf Pro you can define a custom value which will be set in the Computers record -> Extension Attribute and create a specific workflow for this type of alert/analytic.
- For more common Analytics you want to do a remediation with Jamf Pro you can set a value like "Medium_Severity_Alert" for all those Analytics you want to do the same workflow with Protect and Pro.
The Jamf Protect documentation has been updated recently, see the first section for a similar workflow.
https://docs.jamf.com/jamf-protect/documentation/Setting_Up_Analytic_Remediation_With_Jamf_Pro.html
Hopefully this does make sense!
Cheers
Thijs