Skip to content
This repository has been archived by the owner on Jul 2, 2024. It is now read-only.

Latest commit

 

History

History
136 lines (104 loc) · 5.8 KB

jupiterone.md

File metadata and controls

136 lines (104 loc) · 5.8 KB

Integration with JupiterOne

Jamf + JupiterOne Integration Benefits

  • Visualize Jamf admins, users, groups, devices, and configuration profiles in the JupiterOne graph.
  • Map Jamf users to employees in your JupiterOne account.
  • Monitor changes to Jamf admins, users, and groups using JupiterOne alerts.
  • Monitor changes to Jamf devices and configuration profiles using JupiterOne alerts.

How it Works

  • JupiterOne periodically fetches users, groups, and other endpoint management resources from Jamf to update the graph.
  • Write JupiterOne queries to review and monitor updates to the graph, or leverage existing queries.
  • Configure alerts to take action when the JupiterOne graph changes, or leverage existing alerts.

Requirements

  • JupiterOne requires a Jamf hostname to interact with the API. JupiterOne also requires a user's username and password used to authenticate with Jamf.
  • You must have permission in JupiterOne to install new integrations.

Support

If you need help with this integration, please contact JupiterOne Support.

Integration Walkthrough

In Jamf

The JupiterOne integration uses the Classic API to fetch Jamf data.

Required Permissions:

  • Read - Jamf Pro User Accounts & Groups
  • Read - Users
  • Read - Mobile Devices
  • Read - Computers
  • Read - Advanced Computer Searches
  • Read - macOS Configuration Profiles

In JupiterOne

  1. From the configuration Gear Icon, select Integrations.
  2. Scroll to the Jamf integration tile and click it.
  3. Click the Add Configuration button and configure the following settings:
  • Enter the Account Name by which you'd like to identify this Jamf account in JupiterOne. Ingested entities will have this value stored in tag.AccountName when Tag with Account Name is checked.
  • Enter a Description that will further assist your team when identifying the integration instance.
  • Select a Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as DISABLED and manually execute the integration.
  • Enter the Hostname of your Jamf organization.
  • Enter the Username used to authenticate with Jamf.
  • Enter the Password associated with the username.
  1. Click Create Configuration once all values are provided.

How to Uninstall

  1. From the configuration Gear Icon, select Integrations.
  2. Scroll to the Jamf integration tile and click it.
  3. Identify and click the integration to delete.
  4. Click the trash can icon.
  5. Click the Remove button to delete the integration.

Data Model

Entities

The following entities are created:

Resources Entity _type Entity _class
Account jamf_account Account
Admin jamf_user User
Computer user_endpoint Host, Device
Computer Group jamf_computer_group Group
Group jamf_group UserGroup
Mobile Device mobile_device Device
User device_user User
macOS Configuration Profile jamf_osx_configuration_profile Configuration

Relationships

The following relationships are created:

Source Entity _type Relationship _class Target Entity _type
device_user HAS mobile_device
device_user HAS user_endpoint
jamf_account HAS device_user
jamf_account HAS jamf_group
jamf_account HAS mobile_device
jamf_account HAS jamf_osx_configuration_profile
jamf_account HAS jamf_user
jamf_account HAS user_endpoint
jamf_computer_group HAS user_endpoint
jamf_group HAS jamf_user
user_endpoint USES jamf_osx_configuration_profile

Mapped Relationships

The following mapped relationships are created:

Source Entity _type Relationship _class Target Entity _type Direction
jamf_local_account USES *user_endpoint* REVERSE
user_endpoint INSTALLED *macos_app* FORWARD