santa
santa copied to clipboard
google
Issue with agent reading Santa config
Hello,
I am trying to do a POC without a sync server and am having issues having the Santa configuration profile rules propagate to the client. I am using Jamf. The system extension and full disk access appear to be working as expected but no matter what I try the custom payload (config with the rules) doesn't seem to correctly apply.
I haven't seen anything obvious in /var/db/santa/santa.log and have been using santactl status and trying to see if the rule count > 0 to see if it has deployed. I do see the custom payload when browsing to the installed configuration profiles so it is reaching the machine.
I am not clear on what step is missing here.
FWIW I have tried to deploy both the default template as well as a few slimmed-down versions I modified--nothing changes the rule count from zero though.
Any help is appreciated.
ps aux | grep santa
username 22962 0.0 0.0 408499936 976 s000 R+ 12:44PM 0:00.00 grep --color=auto --exclude-dir=.bzr --exclude-dir=CVS --exclude-dir=.git --exclude-dir=.hg --exclude-dir=.svn --exclude-dir=.idea --exclude-dir=.tox santa
nobody 21733 0.0 0.0 408828400 7040 ?? Ss 12:25PM 0:00.02 /Applications/Santa.app/Contents/MacOS/santametricservice --syslog
root 20488 0.0 0.2 409978752 107600 ?? Rs 12:00PM 0:04.42 /Library/SystemExtensions/DB955CF8-AFA0-48F8-A287-505C06491F03/com.google.santa.daemon.systemextension/Contents/MacOS/com.google.santa.daemon
santactl status
Daemon Info
Mode | Monitor
Log Type | file
File Logging | No
USB Blocking | No
On Start USB Options | None
Watchdog CPU Events | 0 (Peak: 1.83%)
Watchdog RAM Events | 0 (Peak: 105.09MB)
Cache Info
Root cache count | 92
Non-root cache count | 0
Database Info
Binary Rules | 0
Certificate Rules | 0
TeamID Rules | 0
SigningID Rules | 0
Compiler Rules | 0
Transitive Rules | 0
Events Pending Upload | 0
Watch Items
Enabled | No
