macOS

Version: macOS (Sierra, High Sierra, Mojave, Catalina, Big Sur, Monterey, and Ventura)

Netsurion's Open XDR platform provides support for devices running Apple’s macOS. Netsurion's Open XDR platform can extract logs from OS devices and can generate flex reports and triggering alerts due to suspicious activity associated with login/logout activity, authentication failures and any kind of administrator activity.

Netsurion data source integration for macOS allows you to monitor the following components:

  • Security - User authentication failure.
  • Compliance - User and group management, administrative activities and command executed.
  • Operation - Login and logout activities, login failure activities, authentication, and authorization.

Once macOS is configured to deliver logs to Netsurion's Open XDR platform; alerts, dashboards and reports can be configured into Netsurion's Open XDR platform.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type Name Description
Security macOS - User authentication failure This alert will be generated when the user authentication fails.
Compliance macOS - Login Failure This alert will be generated when the user login failure is attempted.

Reports

Type Name Description
Operations macOS - User and Group management This report gives information about user and group management activities like modification, creation, and addition.
Operations macOS - Administrative activities This report gives the information about any kind of administrative activities in macOS.
Operations macOS - Command executed This report gives information about command executed by users.
Compliance macOS - Login and Logout activities This report gives information about user login and logout activities based on local or remote.
Compliance macOS - Authentication and Authorization This report gives the information about user authentication and authorization activities in macOS.

Documentation

The configuration details are consistent with Netsurion's Open XDR platform version 9.9 or later, and macOS.

Download Integration Guide and How-to Guide for more information and to configuration instructions.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept