Jamf Pro Logs
Connecting Jamf Pro logs to your Panther Console
To connect these logs into Panther:
- 1.Log in to the Panther Console.
- 2.In the left sidebar, click Configure > Log Sources.
- 3.Click Create New.
- 4.Search for the log type you want to onboard, then click its tile.
- 5.Select the data transport method you wish to use for this integration, then follow Panther's instructions for configuring the method:
- 6.Set up your Data Transport in the Panther Console.
- Please follow Panther’s documentation for configuring the Data Transport option via an AWS S3 bucket.
- 7.Configure Jamf Pro to push logs to the Data Transport source.
- See Jamf's documentation for instructions on how to push logs to a S3 bucket that's configured to allow Panther to read from.
Required fields in the schema are listed as "required: true" just below the "name" field.
Login events into Jamf Pro itself.
- name: ipAddress
description: IP Address that started the request
- name: username
description: Username of the account
- name: status
description: The status of the login request
- name: entryPoint
description: The method used to login. Either Single Sign On, Universal API or Unknown
- name: timestamp
description: Login timestamp