Installing and Enabling the Jamf Protect Integration for Elastic

Jamf Protect Documentation
Solution
Application
Content Type
Technical Documentation
Utilities & Services
ft:locale
en-US
Requirements

  • Access to your organization's Elastic instance

  • Access to Kibana for visualizing and managing data

  • Access to Elasticsearch for storing and searching data.

  1. In your Elastic instance, click the hamburger menu in the upper-left corner of the screen to expand the Manage this deployment menu.
  2. Click Add Integrations from the bottom of the menu.
  3. Enter Jamf Protect in the search field on the integrations screen.
  4. Click the Jamf Protect integration search result.
  5. Click Add Jamf Protect in the upper-right area of the screen.
  6. (Optional) Follow the instructions provided by Elastic to install the Elastic agent and confirm the Elastic agent is receiving incoming data.

    While configuring the Elastic agent, you choose whether you want to collect logs using an HTTP endpoint or AWS S3.

Depending on how you chose to collect data, you can now configure one of the following in the macOS Security portal: