munkireport/detectx

Module for munkireport.

Maintainers

Details

github.com/munkireport/detectx

Source

Issues

Installs: 8 242

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 7

Forks: 3

Open Issues: 1

v2.2 2019-09-19 18:07 UTC

MIT 11d867ee3536e26213488ca5635d7b5c0863ab04

This package is auto-updated.

Last update: 2024-04-26 18:14:23 UTC

README

Admins are responsible for creating their own launch daemon that runs DetectX and provides the results data to:

/usr/local/munkireport/scripts/cache/

Module pulls data from DetectX Swift (requires Pro or Management License!) results json. It does not run DetectX!

Differences between Infection and Issue: - Infections are things that DTXS can’t remove simply by deleting files. - So, for example, they may include modifications of essential files or system settings. - If you ever get an infection, the best course of action is to contact support@sqwarq.com with details so that you can remediate it.

  • Issues are something DTXS can deal with by simple file deletion and restart of the system

Example Launch Daemon (also included is an example package build for munkipkg under the package directory)

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>DetectX All User Run</string>
    <key>ProgramArguments</key>
    <array>
        <string>/Applications/DetectX Swift.app/Contents/MacOS/DetectX Swift</string>
        <string>search</string>
        <string>-aj</string>
        <string>/usr/local/munkireport/scripts/cache/detectx.json</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>