AUE_create_group

Documentation relative au déploiement hors ligne de Jamf Protect
Solution
Application
Content Type
Documentation technique
Utilities & Services
ft:locale
fr-FR
Création de groupe
Cet évènement est généré lorsqu’un processus effectue un appel système pour créer un nouveau groupe.
Log Level (Niveau du journal)
1
Requiert l’option Verbose (Détaillé)
Non

AUE_create_group Example

Exemple de journal de télémétrie pour une création de groupe.

{
  "exec_chain": {
    "uuid": "10837AD2-6036-4B34-9011-81BC6649D4B8"
  },
  "exec_chain_child": {
    "parent_path": "/sbin/launchd",
    "parent_pid": 1,
    "parent_uuid": "4AB281FE-6D4A-4E79-8508-E91FCA39BA02"
  },
  "header": {
    "time_seconds_epoch": 1657906177,
    "time_milliseconds_offset": 160,
    "version": 11,
    "event_modifier": 0,
    "event_id": 45015,
    "event_name": "AUE_create_group"
  },
  "host_info": {
    "serial_number": "C03WG0H4HDTS",
    "host_name": "Test_MacBook_Pro",
    "osversion": "Version 12.4 (Build 21F79)",
    "host_uuid": "8891C1E2-0AC0-4E4A-844B-EA491B14D115"
  },
  "identity": {
    "signer_id": "com.apple.opendirectoryd",
    "team_id_truncated": false,
    "signer_id_truncated": false,
    "cd_hash": "68d22bdec020f20010bfa9d27cd5f69d78427636",
    "team_id": "",
    "signer_type": 1
  },
  "key": "A4328B3B-87B7-4C4C-8D26-0818C415936D",
  "return": {
    "error": 0,
    "description": "success",
    "return_value": 0
  },
  "subject": {
    "session_id": 100115,
    "group_id": 0,
    "process_name": "/System/Library/PrivateFrameworks/SharePointManagement.framework/XPCServices/SharePointManagementService.xpc/Contents/MacOS/SharePointManagementService",
    "parent_pid": 1,
    "effective_user_name": "root",
    "user_id": 0,
    "group_name": "wheel",
    "parent_uuid": "4AB281FE-6D4A-4E79-8508-E91FCA39BA02",
    "uuid": "10837AD2-6036-4B34-9011-81BC6649D4B8",
    "effective_group_id": 0,
    "process_hash": "b7669ee6de74d11ede0cfe9656986983a2f50fb7",
    "audit_id": 4294967295,
    "responsible_process_id": 343,
    "parent_path": "/sbin/launchd",
    "process_id": 1721,
    "effective_group_name": "wheel",
    "audit_user_name": "",
    "effective_user_id": 0,
    "terminal_id": {
      "type": 4,
      "ip_address": "0.0.0.0",
      "port": 4331
    },
    "responsible_process_name": "/System/Library/PrivateFrameworks/SystemAdministration.framework/XPCServices/writeconfig.xpc/Contents/MacOS/writeconfig",
    "user_name": "root"
  },
  "texts": [
    "Create record type Groups 'com.apple.sharepoint.group.3' node '/Local/Default'"
  ]
}