detectx
v6.0.0-beta.1
Admins are responsible for creating their own launch daemon that runs DetectX and provides the results data to:
/usr/local/munkireport/scripts/cache/
Module pulls data from DetectX Swift (requires Pro or Management License!) results json. It does not run DetectX!
Differences between Infection and Issue: - Infections are things that DTXS can’t remove simply by deleting files. - So, for example, they may include modifications of essential files or system settings. - If you ever get an infection, the best course of action is to contact [email protected] with details so that you can remediate it.
Example Launch Daemon (also included is an example package build for munkipkg under the package directory)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>DetectX All User Run</string>
<key>ProgramArguments</key>
<array>
<string>/Applications/DetectX Swift.app/Contents/MacOS/DetectX Swift</string>
<string>search</string>
<string>-aj</string>
<string>/usr/local/munkireport/scripts/cache/detectx.json</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
