Summarization helps limit the frequency of collecting certain types of data, protecting from unexpected and excessive data collection volume. Jamf Protect summarizes materially similar events monitored on host computers and reports them as summary events. Summary events contain information about the activity that was summarized and the indicators used by Jamf Protect to identify it as materially similar. Jamf Protect administrators encountering frequently repeated event summarization should review the related summary events and create custom exceptions to ignore known-safe activity.
Summarization applies to telemetry collected for data forwarding by Jamf Protect Cloud or directly to data endpoints using an action.
Summarization measures apply strictly to telemetry monitoring and reporting and do not impact active protections provided by endpoint threat prevention, device controls or other threat protection features.
For more information about summary events, see the summary event page in the Jamf Protect Telemetry Data Model Documentation.
Learning Hub Login Required
To access this content, log in to the Jamf Learning Hub with a valid Jamf ID.