Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-23 08:58:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 114

add macOS Ventura hardware check (#6494)

Browse source 
Adds a new policy to check for macOS Ventura. Adapted from https://gist.github.com/erikng/b1acc0e07f510f9378f6f78f3d7a7342
This commit is contained in:
Erik Gomez 2022-07-05 16:39:25 -05:00 committed by GitHub
parent 943a1188f1
commit 2e2b5e7c1b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
View file

@ -724,4 +724,16 @@ spec:
tags: compliance, hardening, built-in
platform: windows
contributors: GuillaumeRoss
---
apiVersion: v1
kind: policy
spec:
name: Capable of running macOS 13 (Ventura)
query: SELECT 1 FROM (SELECT value from kolide_ioreg where c = 'IOPlatformExpertDevice' and d = 1 and r=1 and key = 'model' UNION SELECT value from kolide_ioreg where c = 'IOPlatformExpertDevice' and d = 1 and r=1 and key = 'board-id' UNION SELECT value from kolide_ioreg where c = 'IOPlatformExpertDevice' and d = 1 and r=1 and key = 'bridge-model') WHERE (value like 'iMac18,1' or value like 'iMac18,3' or value like 'iMac19,1' or value like 'iMac18,2' or value like 'iMac19,2' or value like 'iMac20,1' or value like 'iMac20,2' or value like 'iMac21,1' or value like 'iMac21,2' or value like 'iMacPro1,1' or value like 'Mac13,1' or value like 'Mac13,2' or value like 'Mac14,2' or value like 'Mac14,7' or value like 'MacBook10,1' or value like 'MacBookAir8,2' or value like 'MacBookAir8,1' or value like 'MacBookAir9,1' or value like 'MacBookAir10,1' or value like 'MacBookPro14,1' or value like 'MacBookPro14,2' or value like 'MacBookPro14,3' or value like 'MacBookPro15,1' or value like 'MacBookPro15,2' or value like 'MacBookPro15,3' or value like 'MacBookPro15,4' or value like 'MacBookPro16,1' or value like 'MacBookPro16,2' or value like 'MacBookPro16,3' or value like 'MacBookPro16,4' or value like 'MacBookPro17,1' or value like 'MacBookPro18,1' or value like 'MacBookPro18,2' or value like 'MacBookPro18,3' or value like 'MacBookPro18,4' or value like 'Macmini8,1' or value like 'Macmini9,1' or value like 'MacPro7,1' or value like 'VirtualMac2,1' or value like 'Mac-0CFF9C7C2B63DF8D' or value like 'MacBookAir8,1' or value like 'MacBookAir9,1' or value like 'MacBookAir10,1' or value like 'MacBookPro14,1' or value like 'MacBookPro14,2' or value like 'MacBookPro14,3' or value like 'MacBookPro15,1' or value like 'MacBookPro15,2' or value like 'MacBookPro15,3' or value like 'MacBookPro15,4' or value like 'MacBookPro16,1' or value like 'MacBookPro16,2' or value like 'MacBookPro16,3' or value like 'MacBookPro16,4' or value like 'MacBookPro17,1' or value like 'MacBookPro18,1' or value like 'MacBookPro18,2' or value like 'MacBookPro18,3' or value like 'MacBookPro18,4' or value like 'Macmini8,1' or value like 'Macmini9,1' or value like 'MacPro7,1' or value like 'VirtualMac2,1' or value like 'Mac-0CFF9C7C2B63DF8D' or value like 'Mac-112818653D3AABFC' or value like 'Mac-1E7E29AD0135F9BC' or value like 'Mac-226CB3C6A851A671' or value like 'Mac-27AD2F918AE68F61' or value like 'Mac-4B682C642B45593E' or value like 'Mac-53FDB3D8DB8CA971' or value like 'Mac-551B86E5744E2388' or value like 'Mac-5F9802EFE386AA28' or value like 'Mac-63001698E7A34814' or value like 'Mac-77F17D7DA9285301' or value like 'Mac-7BA5B2D9E42DDD94' or value like 'Mac-77F17D7DA9285or value like 'Mac-77F17D7DA9285301' or value like 'Mac-7BA5B2DFE22DDD8C' or value like 'Mac-827FAC58A8FDFA22' or value like 'Mac-827FB448E656EC26' or value like 'Mac-937A206F2EE63C01' or value like 'Mac-A61BADE1FDAD7B05' or value like 'Mac-AA95B1DDAB278B95' or value like 'Mac-AF89B6D9451A490B' or value like 'Mac-B4831CEBD52A0C4C' or value like 'Mac-BE088AF8C5EB4FA2' or value like 'Mac-CAD6701F7CEA0921' or value like 'Mac-CFF7D910A743CAAF' or value like 'Mac-E1008331FDC96864' or value like 'Mac-E7203C0F68AA0004' or value like 'Mac-EE2EBD4B90B839A8' or value like 'J132AP' or value like 'J137AP' or value like 'J140AAP' or value like 'J140KAP' or value like 'J152FAP' or value like 'J160AP' or value like 'J174AP' or value like 'J185AP' or value like 'J185FAP' or value like 'J213AP' or value like 'J214AP' or value like 'J214KAP' or value like 'J215AP' or value like 'J223AP' or value like 'J230AP' or value like 'J230KAP' or value like 'J274AP' or value like 'J293AP' or value like 'J313AP' or value like 'J314cAP' or value like 'J314sAP' or value like 'J316cAP' or value like 'J316sAP' or value like 'J375cAP' or value like 'J375dAP' or value like 'J413AP' or value like 'J456AP' or value like 'J457AP' or value like 'J493AP' or value like 'J680AP' or value like 'J780AP' or value like 'VMA2MACOSAP' or value like 'VMM-x86_64' or value like 'X589AMLUAP' or value like 'X86LEGACYAP') limit 1;
description: "Checks that the hardware is capable of running macOS Ventura. This requires kolide's osquery extension which does not come with Fleet. You will need to manually build and deploy the extension prior to be able to use this policy."
resolution: "Contact your IT administrator to help you procure a new macOS device capable of running macOS Ventura."
platforms: macOS
tags: compliance, inventory, hardware
platform: darwin
contributors: erikng