DEX policies for macOS
Summary of DEX Policies for macOS
DEX policies for macOS establish guidelines to ensure consistent, secure application usage, reducing the risk of data breaches and enhancing data quality and application performance. These policies facilitate the collection of metrics from macOS devices and applications, promoting efficient data handling within ServiceNow.
Key Features
- Sudoers Configuration: Defines commands that the servicenow user can execute with sudo privileges, allowing automated scripts to run without a password prompt. This includes various system commands and scripts essential for data collection.
- Application Metrics Collection: Policies like DEX Mac Apps Metrics gather application-related data, such as CPU usage, memory usage, and crash reports, at a specified frequency.
- Device Metrics Collection: DEX Mac Device Metrics policies collect comprehensive system metrics, including uptime and network details, ensuring data is sent to ServiceNow at regular intervals for analysis.
- Change Detection: Features that monitor changes in user login status or device configurations, allowing for real-time data updates.
Key Outcomes
Implementing these DEX policies enables organizations to maintain a secure and compliant environment for macOS applications. Customers can expect improved visibility into application and device performance, helping to identify potential issues before they impact operations. Additionally, ensuring timely data collection supports informed decision-making and enhances overall IT efficiency.
Policies for macOS are guidelines and rules that promote consistent, secure, and conforming use of the application. DEX policies help your organization reduce the risk of data breaches, improve data quality and accuracy, and optimize application performance and availability.
On macOS systems, to retrieve the complete data, add the following content to /private/etc/sudoers.d/_servicenow.
```
# ServiceNow Agent Collector - Sudoers Configuration for macOS
# Command alias for ServiceNow allowed commands
# These commands can be executed by the _servicenow user with sudo privileges
Cmnd_Alias SN_ALLOWED = /usr/bin/powermetrics, \
/usr/bin/mdls, \
/usr/bin/log, \
/usr/bin/log show *, \
/bin/kill, \
/usr/bin/defaults, \
/usr/local/bin/jamf, \
/bin/rm, \
/bin/ls, \
/usr/bin/pgrep, \
/usr/bin/find, \
/usr/bin/pmset, \
/usr/bin/open, \
/Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/app_freeze.sh, \
/Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/zscaler_zpa_reconnect.sh, \
/Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/clear_google_chrome_browsing_data.sh, \
/Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/services.sh, \
/Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/restart_service.sh *, \
/Applications/Zscaler/Zscaler.app/Contents/PlugIns/zscli, \
/Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/elevate_temporary_admin.sh
# ServiceNow user permissions
# _servicenow user can run osqueryi and all SN_ALLOWED commands without password
# SETENV allows environment variables to be preserved
_servicenow ALL=NOPASSWD: SETENV: /Library/Application\ Support/servicenow/agent-client-collector/cache/osquery/bin/osqueryi *, SN_ALLOWED
# Defaults for _servicenow user
# !requiretty: Allow sudo without a TTY (required for automated scripts)
Defaults:_servicenow !requiretty
```
```
Cmnd_Alias SN_ALLOWED = /usr/bin/powermetrics, \
/usr/bin/mdls, \
/usr/bin/log, \
/bin/kill, \
/usr/bin/defaults, \
/usr/local/bin/jamf, \
/bin/rm, \
/bin/ls, \
/usr/bin/pgrep, \
/usr/bin/find, \
/usr/bin/pmset, \
/usr/bin/open, \
/Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/app_freeze.sh, \
/Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/zscaler_zpa_reconnect.sh, \
/Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/clear_google_chrome_browsing_data.sh, \
/bin/sh /Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/services.sh, \
/bin/sh /Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/restart_service.sh *, \
/Applications/Zscaler/Zscaler.app/Contents/PlugIns/zscli, \
/Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/elevate_temporary_admin.sh
_servicenow ALL=NOPASSWD: SETENV: /Library/Application\ Support/servicenow/agent-client-collector/cache/osquery/bin/osqueryi *, SN_ALLOWED
Defaults:_servicenow !requiretty
Defaults timestamp_timeout=0
Defaults log_allowed
```
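A review aid for the sudoers content above, added here as an example and not ServiceNow's code: it lists each `SN_ALLOWED` entry, how far the rule constrains its arguments (in sudoers, a path listed without arguments may be run with any arguments), and whether the target on disk is root-owned and not group- or world-writable. `SAMPLE` is a constructed, shortened fragment, and the function names are this example's own.

```python
import os
import re

# Constructed sample: a shortened fragment in the same shape as the page's file.
SAMPLE = r"""
Cmnd_Alias SN_ALLOWED = /usr/bin/pmset, \
    /usr/bin/log show *, \
    /bin/sh /Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/restart_service.sh *, \
    /Library/Application\ Support/servicenow/agent-client-collector/cache/acc-dex-modules/bin/scripts/sudo/app_freeze.sh
_servicenow ALL=NOPASSWD: SETENV: SN_ALLOWED
"""

def parse_alias(text, alias="SN_ALLOWED"):
    """Return [(path, args)]; args is None when the rule names no arguments."""
    text = re.sub(r"\\\n\s*", "", text)  # join backslash-continued lines
    m = re.search(rf"^\s*Cmnd_Alias\s+{alias}\s*=\s*(.*)$", text, re.M)
    entries = []
    for item in re.split(r"(?<!\\),", m.group(1) if m else ""):  # unescaped commas
        cmd = re.match(r"((?:\\.|[^\s\\])+)(?:\s+(.*))?$", item.strip())
        if cmd:  # unescape "\ " in the path, keep the argument pattern verbatim
            entries.append((re.sub(r"\\(.)", r"\1", cmd.group(1)), cmd.group(2)))
    return entries

def arg_scope(args):
    """Classify how tightly the rule constrains the command line."""
    if args is None:
        return "any arguments"
    if args == '""':
        return "no arguments"
    return "wildcard" if re.search(r"[*?\[]", args) else "exact"

def perm_problem(uid, mode):
    """A root-run target should be root-owned and not group/world-writable."""
    if uid != 0:
        return "not owned by root"
    return "group/world-writable" if mode & 0o022 else None

def audit(text):
    rows = []
    for path, args in parse_alias(text):
        try:
            st = os.stat(path)
            problem = perm_problem(st.st_uid, st.st_mode)
        except OSError:
            problem = "not found on this host"
        rows.append((path, arg_scope(args), problem))
    return rows
```

Run `audit()` as root on the contents of /private/etc/sudoers.d/_servicenow on a managed Mac; for `/bin/sh <script>` entries the script path sits in the argument column and needs the same ownership check.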
Policies for Mac — Application
| Policy name | Description | Check instances | Frequency | Historical or latest | Check instance parameters |
|---|---|---|---|---|---|
| DEX Mac Apps Metrics | Collects the application metrics in the Mac device and sends metric data to Metric Base. | os.mac.check-app-historical | 5 mins | Historical | cpu_usage, memory_usage, uptime, io_usage_read, io_usage_write, is_running, last_access_time, crashes |
Policies for Mac — Device
| Policy name | Description | Check instances | Frequency | Historical or latest | Check instance parameters |
|---|---|---|---|---|---|
| DEX Mac Device Metrics | Collects macOS device metrics and sends the metric data to the ServiceNow instance. | os.mac.check-system-metrics-latest | 24 hours | Latest | uptime, logged_in, firewall_enabled, session_details, disk_details, os_details, cpu_details, battery_details, device_details, network_details, pending_updates, device_events, cpu_usage, memory_details, os_setup_details, last_access_time, reboot_details |
| DEX Mac Device Metrics | Collects macOS device metrics and sends the metric data to MetricBase. | os.mac.check-system-metrics-historical | 5 mins | Historical | disk_usage, io_usage_write, io_usage_read, power_consumption, cpu_usage, memory_details, uptime, crashes, battery_charge_percentage, wifi_transmit_rate, wifi_rssi |
| DEX Mac Device Metrics | Collects data for running macOS processes and sends the data to the ServiceNow instance. | os.mac.check-process-data | 24 hours | N/A | N/A |
| DEX Mac Device Metrics | Collects macOS device metrics and sends the metric data to the ServiceNow instance. | os.mac.check-sys-compliance-historical | 5 minutes | Historical | N/A |
| DEX Mac Device Metrics | Collects macOS device metrics and sends the metric data to the ServiceNow instance. | os.mac.check-sys-compliance-latest | 24 Hours | Latest | N/A |
| DEX Mac Device Metrics | Collects macOS device metrics and sends the metric data to the ServiceNow instance. Note: If the previous check runs for more than five minutes, the current check gets skipped. | os.mac.check-energy-consum-historical | 5 minutes | Historical | N/A |
| DEX Mac Device Metrics | Collects macOS device metrics and sends the metric data to the ServiceNow instance. | os.mac.check-system-metrics-historical | 30 minutes | Historical | vpn_details |
| DEX Get online macOS user on change | Gets a logged-in user's data on a macOS device whenever there’s a change. | os.mac.check-system-custom-query-on-chan | 60 secs | Latest | query, query_sys_id, query_type |
| DEX Get device configuration on change | Gets a logged-in user's device configuration whenever there’s a change. | os.all.check.internal.get-device-configu | 60 secs | Latest | N/A |