MacOS EDR - Agent Monitoring
M
Mitchell Matter
Does anyone have a recommendation on how to monitor a Mac endpoint running Huntress, that the Huntress agent is functional and healthy? Like on Windows we use our RMM to check that the Huntress service is running and run a powershell script daily to check for if the agent became orphaned.
C
Chris Edmondson
Upvoting this feature! This is frustrating trying to deal with MAC endpoints.
S
Stuart Ashenbrenner
Chris We have some fact scripts that MDM users primarily use, but it should work as a daily check to see if it's running.
https://github.com/huntresslabs/deployment-scripts/tree/main/Addigy/facts
Are you looking for something different?
B
Bjørn Mathisen
Something like this:
## List of processes to check
processes=("HuntressAgent" "HuntressUpdater")
## Check if processes are running
for process in $processes; do
if ! pgrep -x $process > /dev/null; then
errorFound=true
statusMessage+="$process not running. "
fi
done
D
Dusty'la Auer'la
That's basically what we do as well through CW Automate. Our check is rolled into one for Windows and Mac, looking for HuntressAgent and com.huntress.HuntressAgent to be running, run the install script if it isn't running, and it generates tickets for Mac and Windows devices if it still isn't running into our PSA. Automate appears to display Mac services differently, but it seems to work as a catchall.