Jamf Protect

Jamf Protect is a cross-platform enterprise endpoint and network security solution that provides administrators and security professionals the ability to protect devices using a holistic offering of security capabilities.

Integration Method: API
Tables: Detection Finding, File Hosting Activity and Process Activity

JAMF Configuration

Before configuring the data source in the DataBee UI, you need to set up an API client in the Jamf Protect dashboard to obtain the Client ID, Password, and Sub-domain. Below are the steps to follow:

1. Log on to the Jamf Protect dashboard.

2. Under the Navigation Bar click on Administrative.

3. Under Administrative select API Clients.

4. On API Clients window select Create API Client.

5. Add the API Client Name and select Read Only role, then click on save.

6. Under the pop-up window you can find your API Client Password. Make sure to copy and save it as it will not be shown again.

7. Under API Client Summary you can find your Client ID, Access Token URL and Jamf Protect API URL. You can find your subdomain from Access Token URL or Jamf Protect API URL. Here, in the below image the databeenfrprotect represents subdomain.

DataBee Configuration

1. In DataBee UI click on Add new Datasource.

2. Search for Jamf Protect and select it.

3. Click on API Ingest.

4. Enter the required details in the form.

5. Fill in the following information

   1. Authorization Method: Token URL Auth

   2. Username: enter the Client ID generated earlier.

   3. Password: enter the Password generated earlier.

   4. Token URL & API URL: replace <sub_domain> with your specific Sub Domain.

The value of Sub Domain can be found in the Access Token URL or the Jamf Protect API URL displayed in the API Client Summary window earlier.

6. Click Submit