Jamf
Visualize Jamf admins, users, groups, devices, and profiles, map Jamf users to employees, and monitor changes through queries and alerts.
- Installation guide
- Jamf data model
- Jamf types
Installation
To use this integration, JupiterOne requires your Jamf hostname to interact with the API as well as a user's username and password used to authenticate with Jamf.
The JupiterOne integration uses the Classic API to fetch Jamf data.
The JupiterOne integration uses the Barear Authentication token to authorize the APIs.
Required Permissions:
- Read - Jamf Pro User Accounts & Groups
- Read - Users
- Read - Mobile Devices
- Read - Computers
- Read - Advanced Computer Searches
- Read - macOS Configuration Profiles
Configuration in JupiterOne
To install the Jamf integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Jamf. Click New Instance to begin configuring your integration, providing the following:
Account Name used to identify the Jamf account in JupiterOne. Ingested entities will have this value stored in
tag.AccountNamewhen the AccountName option is enabled.Description to assist in identifying the integration instance, if desired.
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLEDand manually execute the integration.Hostname of your Jamf organization.
Username used to authenticate with Jamf.
Password associated with the username.
Click Create once all values are provided to finalize the integration.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Data Model
Entities
The following entities are created:
| Resources | Entity _type | Entity _class |
|---|---|---|
| Account | jamf_account | Account |
| Admin | jamf_user | User |
| Computer | user_endpoint | Device, Host |
| Computer Group | jamf_computer_group | Group |
| Group | jamf_group | UserGroup |
| Mobile Device | mobile_device | Device |
| User | device_user | User |
| macOS Configuration Profile | jamf_osx_configuration_profile | Configuration |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
|---|---|---|
device_user | OWNS | mobile_device |
device_user | OWNS | user_endpoint |
jamf_account | HAS | device_user |
jamf_account | HAS | jamf_group |
jamf_account | HAS | jamf_osx_configuration_profile |
jamf_account | HAS | jamf_user |
jamf_account | HAS | mobile_device |
jamf_account | HAS | user_endpoint |
jamf_computer_group | HAS | user_endpoint |
jamf_group | HAS | jamf_user |
user_endpoint | USES | jamf_osx_configuration_profile |
Mapped Relationships
The following mapped relationships are created:
Source Entity _type | Relationship _class | Target Entity _type | Direction |
|---|---|---|---|
jamf_local_account | USES | *user_endpoint* | REVERSE |
user_endpoint | INSTALLED | *macos_app* | FORWARD |
Jamf Account
jamf_account inherits from Account
| Property | Type | Description | Specifications |
|---|---|---|---|
name * | string |
Jamf Group
jamf_group inherits from UserGroup
| Property | Type | Description | Specifications |
|---|---|---|---|
accessLevel | string | ||
privilegeSet | string |
Jamf User
jamf_user inherits from User
| Property | Type | Description | Specifications |
|---|---|---|---|
admin * | boolean | ||
directoryUser | boolean | ||
fullName | string | ||
email | string | ||
emailAddress | string | ||
active * | boolean | ||
enabled | string | ||
forcePasswordChange | boolean | ||
accessLevel | string | ||
privilegeSet | string | ||
permissions | array of strings |
Device User
device_user inherits from User
| Property | Type | Description | Specifications |
|---|---|---|---|
fullName | string | ||
os * | array of strings | ||
emailAddress | string | ||
phoneNumber | string | ||
position | string | ||
enableCustomPhotoUrl | boolean | ||
customPhotoUrl | string | ||
ldapServer | string | ||
totalVppCodeCount | number |
Jamf Osx Configuration Profile
jamf_osx_configuration_profile inherits from Configuration
| Property | Type | Description | Specifications |
|---|---|---|---|
description * | string | ||
siteName * | string | ||
categoryName * | string | ||
distributionMethod * | string | ||
userRemovable * | boolean | ||
level * | string | ||
redeployOnUpdate * | string | ||
allComputers * | boolean | ||
allJSSUsers * | boolean |
Mobile Device
mobile_device inherits from Device
| Property | Type | Description | Specifications |
|---|---|---|---|
deviceName * | string | ||
udid * | string | ||
serialNumber * | string | ||
phoneNumber * | string | ||
wifiMacAddress * | string | ||
macAddress * | string | ||
managed * | boolean | ||
supervised * | boolean | ||
modelIdentifier * | string | ||
modelDisplay * | string | ||
username | string | ||
email | string | ||
capacity | number | ||
osType | string | ||
locatorServiceEnabled | boolean | ||
cloudBackupEnabled | boolean | ||
lastBackupOn | number | ||
dataProtectionEnabled | boolean | ||
blockLevelEncryption | boolean | ||
fileLevelEncryption | boolean | ||
hasPasscode | boolean | ||
passcodeCompliant | boolean | ||
profileCompliant | boolean | ||
passcodeLockGracePeriodEnforced | string | ||
activationLockEnabled | boolean | ||
jailbroken | string |
User Endpoint
user_endpoint inherits from Device, Host
| Property | Type | Description | Specifications |
|---|---|---|---|
name * | string | ||
realName | string | ||
managed * | boolean | ||
deviceType * | string | ||
department * | string | ||
building * | string | ||
udid * | string | ||
lastReportedOn | number | ||
gatekeeperEnabled | boolean | ||
systemIntegrityProtectionEnabled | boolean | ||
username | string | ||
model | string |
Jamf Computer Group
jamf_computer_group inherits from Group
| Property | Type | Description | Specifications |
|---|---|---|---|
name * | string |