Jamf Pro
Jamf Pro is a device management tool primarily used in the Apple ecosystem that remotely connects, manages, and protects Apple users, devices and services. You can bring computer, mobile device, person, and software data from Jamf Pro into Brinqa to construct a unified view of your attack surface and strengthen your cybersecurity posture.
This document details the information you must provide for the connector to authenticate with Jamf Pro and how to obtain that information from Jamf. See create a data integration for step-by-step instructions on setting up the integration.
Required connection settings
When setting up a data integration, select Jamf Pro from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate Jamf with Brinqa:
-
Server URL: The Jamf Server URL. The URL format is
https://jamf.[instance].com. -
Username and Password: The username and password associated with the Jamf user, which must have permissions to log in to the API server and return data.
Create a Jamf user
The Jamf user must have read access to computers and mobile devices in order to retrieve data. To ensure the user account that the Jamf connector uses to access the Jamf Pro server has the appropriate permissions, follow these steps:
-
Log in to your organization's Jamf Pro server as an administrator.
-
Navigate to Management Settings > System > User accounts & groups.
-
Click New.
-
Select Create Standard Account and click Next.
-
Give the new user a user name.
-
For the Privilege Set, select Custom.
-
Under Access Status, select Enabled.
-
Enter the user details, including full name, email address, and password.
-
Click the Privileges tab.
-
Under Jamf Pro Server Objects, locate Computers and Mobile Devices, and select Read for both objects.
-
Click Save.
The above steps describe the minimum requirements for the Jamf connector to work properly. For additional information on Jamf access and privileges, see Jamf Product Documentation on user account and groups.
Additional settings
The Jamf Pro connector contains additional options for specific configuration:
-
Page size: The maximum number of records to get per API request. The default setting is 100. It is not recommended to go over 100.
-
Parallel requests: The maximum number of parallel API requests. The default setting is 8.
-
Skip certificate verification: Select this option to allow for untrusted certificates.
Types of data to retrieve
The Jamf Pro connector can retrieve the following types of data from the Jamf Pro API:
Table 1: Data retrieved from Jamf Pro
| Connector Object | Required | Maps to Data Model |
|---|---|---|
| Computer | Yes | Host |
| Installed Software | Yes | Installed package |
| Mobile Device | Yes | Device |
| Person | Yes | Person |
| Software | Yes | Package |
The Jamf Pro connector does not currently support operation options for the types of data it retrieves.
For detailed steps on how to view the data retrieved from Jamf Pro in the Brinqa Platform, see How to view your data.
Attribute mappings
Expand the sections below to view the mappings between the source and the Brinqa data model attributes.
Computer
Table 2: Computer attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| categories | categories |
| computer.uid | uid |
| computer.id | Local variable (jamfId) |
| configurationProfiles.displayName | Local variable (profiles) |
| general.assetTag | Local variable (assetTag) |
| general.declarativeDeviceManagementEnabled | Local variable (declarativeDeviceManagementEnabled) |
| general.enrolledViaAutomatedDeviceEnrollment | Local variable (enrolledViaAutomatedDeviceEnrollment) |
| general.enrollmentMethod | Local variable (enrollmentMethod) |
| general.extensionAttributes.extensionAttributeAsString | Local variable (extensionAttributes) |
| general.itunesStoreAccountActive | Local variable (itunesStoreAccountActive) |
| general.jamfBinaryVersion | Local variable (jamfBinaryVersion) |
| general.lastContactTime | lastSeen |
| general.lastEnrolledDate | Local variable (lastEnrolled) |
| general.lastReportedIp | ipAddresses, publicIpAddresses, privateIpAddresses |
| general.mdmCapable.capable | Local variable (mdmCapable) |
| general.mdmCapable.capableUsers | Local variable (mdmCapableUsers) |
| general.mdmProfileExpiration | Local variable (mdmProfileExpirationDate) |
| general.name | hostnames, name |
| general.remoteManagement.managementUsername | Local variable (managed) |
| general.reportDate | Local variable (lastReported) |
| general.site.name | Local variable (site) |
| general.supervised | Local variable (supervised) |
| general.userApprovedMdm | Local variable (userApprovedMdm) |
| hardware.altMacAddress | macAddresses |
| hardware.macAddress | macAddresses |
| hardware.make | Local variable (make) |
| hardware.model | description |
| hardware.modelIdentifier | Local variable (modelIdentifier) |
| hardware.serialNumber | serialNumber, name |
| operatingSystem.activeDirectoryStatus | Local variable (activeDirectoryStatus) |
| operatingSystem.displayName | operatingSystem, description |
| platform | Local variable (platform) |
| security.activationLockEnabled | Local variable (activationLockEnabled) |
| security.autoLoginDisabled | Local variable (autoLoginDisabled) |
| security.externalBootLevel | Local variable (externalBootLevel) |
| security.firewallEnabled | Local variable (firewallEnabled) |
| security.recoveryLockEnabled | Local variable (recoveryLockEnabled) |
| security.secureBootLevel | Local variable (secureBootLevel) |
| security.sipStatus | Local variable (systemIntegrityProtection) |
| status | status |
| userAndLocation.email | Local variable (ownerEmail) |
| userAndLocation.room | Local variable (room) |
| userAndLocation.username | owner |
Installed Software
Table 3: Installed Software attribute mappings
| Source Field Name | Maps to Attribute |
|---|
| app.path | installPath | | application.bundleId | Local variable | | application.externalVersionId | Local variable | | application.macAppStore | Local variable | | application.sizeMegabytes | Local variable | | application.updateAvailable | Local variable | | computer.application.id | uid | | computer.uid | targets | | type | type |
Mobile Device
Table 4: Mobile Device attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| categories | categories |
| mobileDevice.id | Local variable (jamfId) |
| mobileDevice.model | description, model, name |
| mobileDevice.modelIdentifier | description, name, Local variable (modelIdentifier) |
| mobileDevice.name | description, name |
| mobileDevice.phoneNumber | Local variable (phoneNumber) |
| mobileDevice.serialNumber | serialNumber, name |
| mobileDevice.udid | name, Local variable (udid) |
| mobileDevice.username | owner |
| mobileDevice.uid | uid |
| mobileDevice.type | description |
| now | lastCaptured |
| status | status |
Person
Table 5: Person attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| categories | categories |
| computer.userAndLocation.username | uid |
| userAndLocation.email | |
| userAndLocation.realName | name |
| userAndLocation.username | username |
Software
Table 6: Software attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| application.bundleId | Local variable |
| application.externalVersionId | Local variable |
| application.macAppStore | Local variable |
| application.name | name |
| application.sizeMegabytes | Local variable |
| application.updateAvailable | Local variable |
| application.version | revision |
| application.description | description |
| application.publisher | publisher |
| type | uid |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
APIs
The Jamf Pro connector uses the Jamf Pro API v1 and v2. Specifically, it uses the following endpoints:
Table 7: Jamf Pro API Endpoints
| Connector Object | API Endpoints |
|---|---|
| Computer | GET api/v1/computers-inventory |
| Installed Software | GET api/v1/computers-inventory |
| Mobile Device | GET api/v2/mobile-devices |
| Person | GET api/v1/computers-inventory |
| Software | GET api/v1/computers-inventory |
Changelog
The Jamf Pro connector has undergone the following changes:
3.0.9
- Added support for Data lifecycle management to the Computer and Mobile Device objects.
3.0.8
- Fixed an issue where the Jamf Pro connector was failing to sync the Software object due to an array out-of-bounds exception.
3.0.7
-
Added the following attributes to the Computer object:
- EXTENSION_ATTRIBUTES
- OWNER_EMAIL
- PROFILES
- ROOM
3.0.6
-
Fixed an issue where certain attributes in the Computer object were parsed as a string rather than a boolean.
-
Fixed an issue where the Installed Software and Software syncs were failing.
3.0.5
- Normalized the NAME attribute in the Computer object.
3.0.4
- Added two connector objects, Software and Installed Software.
3.0.3
- Normalized the MAC_ADDRESS attribute in the Computer object.
3.0.1
- Initial Integration+ release.