DEX policies for macOS

  • Release version: Xanadu
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of DEX policies for macOS

    DEX policies for macOS establish guidelines to ensure consistent, secure, and compliant use of applications and devices within your organization. These policies help reduce data breach risks, enhance data quality and accuracy, and optimize application and system performance on macOS endpoints.

    Show full answer Show less

    To enable full data retrieval on macOS systems, specific sudoers file entries are required depending on the Agent version installed. This setup permits the ServiceNow agent to execute necessary commands without requiring a password or a tty session.

    Key Features

    • Application Policies: Collect application metrics such as CPU usage, memory usage, uptime, I/O activity, running status, last access time, and crash counts at 5-minute intervals. These metrics are sent to MetricBase for historical analysis.
    • Device Policies: Collect comprehensive macOS device metrics including uptime, logged-in users, firewall status, session and disk details, OS and CPU information, battery status, network details, pending updates, device events, and energy consumption. These metrics support both historical and latest data views with varying collection frequencies from 60 seconds to 24 hours.
    • Process and Compliance Checks: Gather macOS process data and system compliance metrics periodically to maintain visibility into device health and adherence to organizational standards.
    • Real-Time User and Device Configuration Monitoring: Capture changes in logged-in users and device configurations on macOS devices every 60 seconds to ensure up-to-date information is available.

    Practical Considerations

    • Historical data refers to information stored in MetricBase for the past 7 days, while latest data reflects the most recent device state.
    • Some policies have safeguards such as skipping a current check if the previous one exceeds five minutes to avoid overlap.
    • When upgrading the Content Playbook plugin, be aware of potential policy update issues and consult the Now Support knowledge base article if needed.

    Benefits for ServiceNow Customers

    Implementing these macOS DEX policies enables ServiceNow customers to:

    • Gain detailed, timely insights into macOS application and device performance.
    • Ensure data consistency and security through standardized collection and compliance monitoring.
    • Respond proactively to system events, user changes, and potential security risks.
    • Optimize operational efficiency by leveraging both historical trends and current device states.

    Policies for macOS are guidelines and rules to promote that the application is used in a consistent, secure, and conforming manner. DEX policies your organization to reduce the risk of data breaches, improve data quality and accuracy, and optimize application performance and availability.

    For macOS systems, to retrieve the entire data, include the subsequent content to /etc/sudoers.

    For Agent version 3.4.0 or earlier:
    _servicenow ALL=NOPASSWD: SETENV: /Library/Caches/servicenow/agent-client-collector/osquery/bin/osqueryi *, /usr/bin/mdls, /usr/bin/log, /usr/local/bin/jamf, /bin/kill, /bin/launchctl
Defaults:_servicenow !requiretty
    For Agent version 3.4.1 or later:
    _servicenow ALL=NOPASSWD: SETENV: /Library/Application\ Support/servicenow/agent-client-collector/cache/osquery/bin/osqueryi *, /usr/bin/mdls, /usr/bin/log, /usr/local/bin/jamf, /bin/kill, /bin/launchctl
Defaults:_servicenow !requiretty
    Note:
    The historical data for an application or device is the information that is kept in the MetricBase database for the past 7 days, while the latest data pertains to the most recent information available.

    Policies for Mac — Application

    DEX provides the following policies for applications.
    Policy name Description Check instances Frequency Historical or latest Check instance parameters
    DEX Mac Apps Metrics Collects the application metrics in the Mac device and sends metric data to Metric Base. os.mac.check-app-historical 5 mins Historical cpu_usage, memory_usage, uptime, io_usage_read, io_usage_write, is_running, last_access_time, crashes

    Policies for Mac — Device

    DEX provides the following policies for devices.
    Policy name Description Check instances Frequency Historical or latest Check instance parameters
    DEX Mac Device Metrics Collects macOS device metrics and sends the metric data to the ServiceNow instance. os.mac.check-system-metrics-latest 24 hours Latest uptime, logged_in, firewall_enabled, session_details, disk_details, os_details, cpu_details, battery_details, device_details, network_details, pending_updates, device_events, cpu_usage, memory_details, os_setup_details, last_access_time, reboot_details
    DEX Mac Device Metrics Collects macOS device metrics and sends the metric data to MetricBase. os.mac.check-system-metrics-historical 5 mins Historical disk_usage, io_usage_write, io_usage_read, memory_usage, cpu_usage, memory_details, uptime, crashes, battery_charge_percentage, wifi_transmit_rate, wifi_rssi
    DEX Mac Device Metrics Collects data for running macOS processes and sends the data to the ServiceNow instance. os.mac.check-process-data 24 hours N/A N/A
    DEX Mac Device Metrics Collects macOS device metrics and sends the metric data to the ServiceNow instance.

    os.mac.check-sys-compliance-historical

    		 5 minutes Historical N/A
    DEX Mac Device Metrics Collects macOS device metrics and sends the metric data to the ServiceNow instance.

    os.mac.check-sys-compliance-latest

    		 24 Hours Latest N/A
    DEX Mac Device Metrics
    Collects macOS device metrics and sends the metric data to the ServiceNow instance.
    Note:
    If the previous check runs for more than five minutes, the current check gets skipped.

    os.mac.check-energy-consum-historical

    		 5 minutes Historical energy_consumption
    DEX Mac Device Metrics

    Collects macOS device metrics and sends the metric data to the ServiceNow instance.

    		 os.mac.check-system-metrics-historical 30 minutes Historical vpn_details
    DEX Get online macOS user on change Gets a logged-in user's data on a macOS device whenever there’s a change. os.mac.check-system-custom-query-on-chan 60 secs Latest query,query_sys_id, query_type
    DEX Get device configuration on change Gets a logged-in user's device configuration whenever there’s a change. os.all.check.internal.get-device-configu 60 secs Latest N/A
    Note:
    If you upgrade the Content Playbook plugin on an instance and encounter unexpected policy update issues, see the Troubleshooting: Policy update issues post DEX plugin upgrade [KB1586917] article in the Now Support knowledge base.