Creating an Event Collector for Telemetry Data

Jamf Protect Documentation
Solution
Application
Content Type
Technical Documentation
Utilities & Services
ft:locale
en-US

In Splunk, create an HTTP Event Collector for macOS telemetry event data.

  1. In Splunk, navigate to Settings > Data inputs.
  2. In HTTP Event Collector, click + Add new, and then name the event collector:
    • NameJamf Protect Telemetry
    • (Optional) Source Name OverrideJamfProtect
  3. Click Next, and then click Select for Source Type and enter the following:

    jamf:protect:telemetry

  4. Under Available Items, choose the same index you selected for alerts.
  5. Review your settings. If they are correct click Submit.

Jamf Protect telemetry appears as an HTTP Event Collector.