elasticmachine
commented
3 days ago Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)
Open jamiehynds opened 2 weeks ago
elasticmachine
commented
3 days ago Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)
We are about to develop an integration with Jamf Pro (epic here) and in order to support the use cases outlined in the epic, we need the ability to ingest device (typically computer & mobile) metadata, similar to our integrations with EntraID and Okta. Information regarding inventory data collection available here: https://learn.jamf.com/en-US/bundle/jamf-pro-security-overview/page/Data_Collection.html
In order to support the ingest of this data, we need to add Jamf as a supported provider to our Entity Analytics input.
To view the use cases we have in mind, please see the dashboard section of the Jamf Pro epic. Details of the relevant API endpoints can also be found in the Architecture section.
We have access to a Jamf Pro instance and @txhaflaire from Jamf is also available for any technical questions we may have as we work through the Jamf integration. @jaredburgettelastic may also have some thoughts of the device fields we need in order to support our Entity Analytics capabilities too.