Script Checks for Mac devices
To monitor your Mac devices, you can add system default script checks, or your own user defined script checks, to the devices. When you add a script check to devices, you configure the parameter values you require.
Before you can add a user defined script check to a device, the script must be uploaded to the All Devices view. For instructions to upload a user defined script check, see Add a script to Script Manager.
Default scripts with parameters for Mac devices
Expand the following sections for script descriptions and parameters:
- Queries /Library/Managed Installs/InstallInfo.plist for the installation status of patches deployed via Munki (including Managed Patch).
- Does not report on patches deployed via other methods, including user installation.
- Generates an alert if patch installs fail, or if patches are queued and pending user logout.
- Results are reported in both the Script’s More Information section and in the View the Managed Patch for Mac report.
- Script type: Python
Parameter | Description |
---|---|
Script Timeout Range | Range: 1 - 3600 seconds (default 120 seconds) |
- Queries the computer to determine if FileVault is enabled. The script fails if FileVault is reported as off.
- Script type: Bash
Parameter | Description |
---|---|
Script Timeout Range | Range: 1 - 3600 seconds (default 120 seconds) |
- Queries the computer to determine if the firewall is enabled. The script fails if the firewall is reported as off.
- Script type: Shell
Parameter | Description |
---|---|
Script Timeout Range | Range: 1 - 3600 seconds (default 120 seconds) |
-
Queries the computer to determine if Gatekeeper is enabled. The script fails if Gatekeeper is reported as off.
- Script type: Shell
Parameter | Description |
---|---|
Script Timeout Range | Range: 1 - 3600 seconds (default 120 seconds) |
- Queries the latest Time Machine snapshot to determine the backup status
- Generates an alert if the latest backup date is the specified number of days ago or more.
- Script type: Bash
Parameter | Description |
---|---|
Days without backup | Number of days without a snapshot before the Check fails |
Script Timeout Range | Range: 1 - 3600 seconds (default 120 seconds) |
You can suppress check alerts until the Check failures exceed a configured number of consecutive failures. For more information, see Configure alert thresholds to suppress alerts.
Check configuration
Add a script check to a device
- On the All Devices view North-pane, select the device where you want to add the check.
- In the South-pane, go to the Checks tab.
- Select Add Check and choose the check frequency you want to use — Add 24x7 Check or Add DSC Check.
- Select Script Check.
- Select the target script and select Next.
Scripts are grouped by default script categories (if applicable) and User Defined Scripts depending on the Operating system.
- Configure the parameters for the script.
To add the check to multiple devices at the same time, click Multiple Devices.
- To Run an Automated Task when a check fails, select Assign a Task after creating the Check.
- Click Finish to save and apply.
- If you selected Assign a Task after creating the Check in the step above:
- Select the Automated Task script and select Next to configure.
- Enter any required Command Line parameters or Script parameters and select Next.
- Set maximum permitted execution time for the script (optional).
- Select Finish to save and apply.
Edit
Script Check - Endpoint Detection & Response cannot be edited and can only be removed by uninstalling EDR from the device.
- In the All Devices view North-pane, select the device.
- Go to the Checks tab in the South-pane.
- Right-click the target Script Check and select Edit Check.
- Edit the script details and parameters.
- Select OK to save and apply.
Delete
- In the All Devices view North-pane, select the device.
- Go to the Checks tab in the South-pane.
- Right-click the target check and select Delete Check .
- Enter the password you used to sign into N-sight RMM to confirm removal.
- Select OK to delete.
We provide the mechanism to run your own scripts on your servers and workstations; however, we are not responsible for custom scripts made or used in conjunction with this product. We are not liable for loss incurred from system, hardware or data loss. It is the customer/developer's responsibility to verify the integrity, actions and impact of any custom scripts.
What do you want to do?