Overview
This document outlines the procedure on how to install the Uptycs osquery agent on macOS using Jamf.
If you are already familiar with Jamf, please use the attached UptycsOsquery.plist and UptycsOsquery.mobileconfig files to setup Uptycs osquery using Jamf
Procedure
There are 5 steps involved to successfully install Uptycs osquery agent on macOS using Jamf
Step 1:
Downloading osquery installer file from the Uptycs portal.
- Login to your Uptycs tenant
- Go to Software Downloads in the left pane, and under Mac OS X, Apple OS X, macOS select the package and download to your local computer.
---------------------------------------------------------------------------------------------------------------------
Step 2:
Uploading the osquery installer/package into your Jamf Pro Account/Server
- Login to your Jamf Pro account ( for example: https://<company-name>.jamfcloud.com/index.html )
- Under Computers tab, click on Management Settings in the left pane to go into Computer management tab.
- Select Packages and click on New on the top right corner
- We will now be in the New Package window with 3 tabs (General, Options, Limitations)
- under General tab:
- Provide the Display Name for the package
- Select the Category as Native Third-Party Software
- Upload the manifest file (.plist file) provided to you by Uptycs (you can also download from the attachments here)
- Fill in the Info and Notes sections (optional)
- under Options tab:
- We can set Priority to use for deploying or uninstalling the package (optional)
- FUT and FEU options are to be selected only for .dmg files, so feel free to ignore these check boxes.
- If you want the system to restart after the installation or un-installation, enable the Requires restart check box. If not, leave it un-checked.
- under Limitations tab:
- We can set the operating system requirements, and only install the package if the software update for it is available (optional)
- Verify the settings and click on save icon at the bottom right corner of the page.
We have now successfully uploaded the Uptycs osquery installer to Jamf server.
---------------------------------------------------------------------------------------------------------------------
Step 3:
Creating a Policy and linking the osquery installer file
- Under Content management, click Policies and then click on New on the top right
- In the New Policy page there are 4 tabs (Options, Scope, Self Service, User Integratiion)
- under Options tab:
- under General section:
- provide the Display Name for the policy
- leave the Enabled check box intact
- select the Site accordingly
- select the Category as Native Third-Party Software
- enable the Recurring Check-in check box
- enable the Custom check box if needed and give the custom event to initiate the polocy (optional)
- select the Execution Frequency as Once per computer (important)
- under Packages section:
- click Configure
- select the uploaded osquery package and click on Add.
- We can ignore the other sections under Options tab, or configure them as needed per your requirements
- We can also ignore the Self Service, User Integratiion tabs, or configure them as needed per your requirements
- We will look into the Scope tab in Step 5 because once the scope is set in the policy the installation of the package happens on the target device(s). So before we do that, let's finish step 4.
---------------------------------------------------------------------------------------------------------------------
Step 4:
Importing the .mobileconfig file provided by Uptycs into the Jamf's Configuration Profiles option, and verifying the settings.
- Under Configuration Profiles, click Upload
- Browse the .mobileconfig file provided to you by Uptycs (you can also download from the attachments here) and import it.
- Once the import is done, click on the profile and select edit on the bottom right corner of the page
- Verify to make sure all the settings are imported correctly under Options tab. Please
contact Uptycs support if you have any questions about the profile.
---------------------------------------------------------------------------------------------------------------------
Step 5:
Scoping the Configuration Profile and the Policy that we created to deploy on the target device(s) to successfully install osquery
Scoping the Configuration Profile:
- Go to the Configuration Profile and click Edit. Under Scope tab, we can see there are 3 sub tabs (Targets, Limitations, Exclusions)
- under Targets tab, click on Add to add a new deployment target. This target can be from one of the below options
- Computers
- Computer Groups
- Users
- User Groups
- Buildings
- Departments
- Click
save icon on the bottom right and it will successfully install the configuration profile on to the target device that's set.
Scoping the Policy:
- Go to the Policies, and click on the osquery policy that we created.
- Click Edit on the right bottom corner
- Under Scope tab, we can see the same 3 sub tabs (Targets, Limitations, Exclusions)
- under Targets tab, click on Add to add a new deployment target. This target can be from one of the below options
- Computers
- Computer Groups
- Users
- User Groups
- Buildings
- Departments
- Click
save icon on the bottom right and it will successfully install the policy on to the target device that's set.