Created
December 4, 2019 00:59
-
-
Save taniacomputer/cf8553413a1ff50fbca76ad0181434a1 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is the script content of a Jamf Pro Extension Attribute called | |
# "slack - :lock: Security Health Status" | |
# Because it has "slack -" in its title, our /jamf Slack app will display the output of its results in each Mac's health summary report. | |
# It checks to see if the Mac has SIP and FV enabled and is running the required 3rd party AV agent | |
# Based on the results, it displays the appropriate emoji and also provides appropriate links to relevant kb articles or Jamf Self Service policies. | |
# Author: @taniacomputer | |
# Last modified: 4/12/2019 | |
#!/bin/bash | |
# Self Service URL for the 3rd party antivirus agent | |
AV_URL="jamfselfservice://content?entity=policy&id=123&action=execute" | |
summary="" | |
# Item 1: System Integrity Protection Status | |
sip_status=$(csrutil status | grep "enabled") | |
if [[ -z "$sip_status" ]] | |
then | |
summary="$summary | |
⚠️ SIP (System Integrity Protection) is disabled | |
Please contact #ops to resolve ASAP. | |
<https://support.apple.com/en-au/HT204899|About SIP>" | |
else | |
summary="$summary | |
✅ SIP (System Integrity Protection) is enabled | |
<https://support.apple.com/en-au/HT204899|About SIP>" | |
fi | |
# Item 2: FV Status | |
encryptCheck=$(fdesetup status | grep "FileVault is On.") | |
if [[ -z "$encryptCheck" ]] | |
then | |
summary="$summary | |
⚠️ FileVault is disabled | |
Please contact #ops to resolve | |
<https://support.apple.com/en-au/HT204837|About FileVault>" | |
else | |
summary="$summary | |
✅ FileVault is enabled | |
<https://support.apple.com/en-au/HT204837|About FileVault>" | |
fi | |
# Item 3: AntiVirus Agent Status | |
av_running=$(launchctl list | grep com.example_av.daemon) | |
if [[ -z "$av_running" ]] | |
then | |
summary="$summary | |
⚠️ AV Agent not running. | |
<$AV_URL|Install>" | |
else | |
summary="$summary | |
✅ AV Agent running. | |
<$AV_URL|Reinstall>" | |
fi | |
echo "<result>$summary</result>" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment