Use this integration to fetch audit logs, alerts and computer events from Jamf Protect as events in Cortex XSIAM.
JamfProtect
Apple Mobile and Mac endpoint protection
Integrations
Name | Description |
---|---|
Jamf Protect Event Collector |
Modeling Rules
Name | Description |
---|---|
JamfProtect Modeling Rule |
1.1.3 - 1574765 (October 31, 2024) Related pull requests:
- 37013
Integrations
Jamf Protect Event Collector
- Added logging of erroneous responses.
1.1.2 - 1502510 (October 13, 2024) Related pull requests:
- 36706
Integrations
Jamf Protect Event Collector
- Fixed an issue where one of the code variables was not initialized properly, causing the collector to potentially fail when fetching computer events.
1.1.1 - 1294770 (August 21, 2024) Related pull requests:
- 35924
Modeling Rules
JamfProtect Modeling Rule
- Improved the implementation of the xdm.observer.action field mapping.
1.1.0 - 1242168 (August 5, 2024) Related pull requests:
- 34697
- 35607
Integrations
Jamf Protect Event Collector
- Added the computer events to the event collector.
- Updated the Docker image to: demisto/python3:3.11.9.105369.
Modeling Rules
JamfProtect Modeling Rule
- Added a mapping for the new source log type "Computers".
- Added a case sensitivity flag that is equal to true.
- Added new fields for the event description.
- Added new fields for the operation sub-type.
1.0.0 - 1137281 (March 20, 2024)
PLATFORMS
Cortex XSIAM
INFO
Certification | Certified |
Supported By | Cortex |
Created | March 20, 2024 |
Last Release | October 31, 2024 |