How to List Munki Configs Across All Macs
Using Kolide, you can easily view and query Mac Munki Configs across your fleet.
Introduction
This inventory displays configuration information about the Munki service if installed on your device.
The Munki project describes itself as:
Munki is a set of tools that, used together with a webserver-based repository of packages and package metadata, can be used by macOS administrators to manage software installs (and in many cases removals) on macOS client machines.
Munki can install software packaged in the Apple package format, and also supports Adobe deployment packages, and drag-and-drop disk images as installer sources. Additionally, Munki can be configured to install Apple Software Updates, either from Apple's server, or an organization's private server.
It looks very similar to the Apple App Store, and launches under the name 'Managed Software Center'.
For more information about the Munki project, please refer to its official website: The Munki Project and the GitHub project.
What Mac Munki Config Data Can Kolide Collect?
Kolide's endpoint agent bundles in osquery to efficiently collect Mac Munki Configs from Macs in your fleet. Once collected, Kolide will parse, clean up, and centrally store this data in Inventory for your team to view, query, or export via API.
Kolide meticulously documents every piece of data returned so you can understand the results.
Mac Munki Configs Schema
| Column | Type | Description | |
|---|---|---|---|
| id | Primary Key |
Unique identifier for the object |
|
| device_id | Foreign Key |
Device associated with the entry |
|
| device_name | Text |
Display name of the device associated with the entry |
|
| additional_http_headers | Text |
Additional HTTP headers for Munki requests |
|
| apple_software_updates_only | Boolean |
|
|
| catalog_url | Text |
URL for Munki catalog files |
|
| client_certificate_path | Text |
Path to client certificate for authentication |
|
| client_identifier | Text |
Unique identifier for this Munki client |
|
| client_key_path | Text |
Path to client key for authentication |
|
| client_resource_url | Text |
URL for Munki client resources |
|
| client_resources_filename | Text |
Filename for client resources |
|
| days_between_notifications | Integer |
Number of days between Munki update notifications |
|
| follow_http_redirects | Text |
HTTP redirect following behavior |
|
| help_url | Text |
URL for Munki help documentation |
|
| icon_url | Text |
URL for Munki application icons |
|
| ignore_system_proxies | Boolean |
|
|
| install_apple_software_updates | Boolean |
|
|
| install_requires_logout | Boolean |
|
|
| last_check_result | Integer |
Result code from the last Munki check |
|
| last_checked_at | Timestamp |
Timestamp of the last Munki check |
|
| last_notified_at | Timestamp |
Timestamp when user was last notified of updates |
|
| local_only_manifest | Text |
Name of local-only manifest file |
|
| log_file | Text |
Path to Munki log file |
|
| log_to_syslog | Boolean |
|
|
| logging_level | Integer |
Munki logging verbosity level (0-3) |
|
| managed_install_dir | Text |
Directory for Munki managed installations |
|
| manifest_url | Text |
URL for Munki manifest files |
|
| msu_debug_log_enabled | Boolean |
|
|
| msu_log_enabled | Boolean |
|
|
| oldest_update_days | Integer |
Age in days of the oldest pending update |
|
| package_url | Text |
URL for Munki package files |
|
| package_verification_mode | Text |
Package verification mode (hash, hash_strict, or none) |
|
| pending_update_count | Integer |
Number of pending updates available |
|
| perform_auth_restarts | Boolean |
|
|
| recovery_key_file | Text |
Path to FileVault recovery key file |
|
| show_optional_installs_for_higher_os_versions | Boolean |
|
|
| show_removal_detail | Boolean |
|
|
| software_repo_ca_certificate | Text |
Path to CA certificate for software repository |
|
| software_repo_ca_path | Text |
Path to directory containing CA certificates |
|
| software_repo_url | Text |
Base URL for Munki software repository |
|
| software_update_server_url | Text |
URL for Apple software update server |
|
| suppress_auto_install | Boolean |
|
|
| suppress_loginwindow_install | Boolean |
|
|
| suppress_stop_button_on_install | Boolean |
|
|
| suppress_user_notification | Boolean |
|
|
| unattended_apple_updates | Boolean |
|
|
| use_client_certificate | Boolean |
|
|
| use_client_certificate_cnas_client_identifier | Boolean |
|
|
| use_notification_center_days | Integer |
Number of days before updates are required to use Notification Center |
|
| collected_at | Timestamp |
Time the row of data was first collected in the database |
|
| updated_at | Timestamp |
Time the row of data was last changed in the database |
|
Why Should I Collect Mac Munki Configs?
IT and Security Administrators can review this inventory to confirm the desired configuration of their end-user's Munki clients. This can be helpful for troubleshooting devices which are not receiving intended managed software deployments and updates.
End-User Privacy Consideration
Kolide practices Honest Security. We believe that data should be collected from end-user devices transparently and with privacy in mind.
When you use Kolide to list Mac Munki Config data from end-user devices, Kolide gives the people using those devices insight into exactly what data is collected, the privacy implications, and who on the IT team can see the data. This all happens in our end-user privacy center which can be accessed directly by employees.
