Category Archives: Mac OS X Server

iPhone Mac OS X Mac OS X Server Mac Security Mass Deployment

DeviceScout

DeviceScout is a tool that leverages JAMF’s Casper Suite to show administrators vital statistics and show alerts on client systems. These alerts display some of the critical aspects of systems, from encryption to disk capacity to backups, there are a number of pretty cool aspects of DeviceScout.

Screen Shot 2014-04-18 at 2.55.47 PM

Using the device view, you can view serial numbers, device types, check-in status, boot volumes, memory, etc. It’s a lot of insight into what you have on your systems. I’m a huge fan of such visibility. You will need to be running Casper to leverage DeviceScout, but it provides a very simple interface for management and even techs to see what’s going on in your enterprise in as quick a manner as possible. Inventory, security status, backup status and a support menu at your fingertips.

With very simple pricing, check out what they have to offer at http://www.devicescout.com.

Mac OS X Mac OS X Server Mac Security Mass Deployment public speaking

MacSysAdmin 2014!

Well, it’s that time of the year when one of my favorite conferences opens up registration! Come one, come all to MacSysAdmin for good times, good people and lots of fun Macinnerdiness! I hope to see you there! The official page is up at http://www.macsysadmin.se.
Screen Shot 2014-04-13 at 8.02.49 PM

Mac OS X Server Mac Security Microsoft Exchange Server Unix Windows Server

Heartbleed in Comics

Active Directory Mac OS X Mac OS X Server Microsoft Exchange Server Network Infrastructure Ubuntu Unix VMware Windows Server

Stashbox: Turning a Mac Mini Into A Logstash and Kibana Server

You have a lot of boxes. You would like to be able to parse through the logs of all those boxes at the same time, searching for a given timestamp across a set of machines for a specific string (like a filename or a port number). elasticsearch, logstash and kibana are one way to answer that kind of need. This will involve downloading three separate packages (which for this article, we’ll do in /usr/local) and creating a config file.

First, install the latest Java JDK. This is available at jdk8-downloads-2133151.html.

The following is going to download the latest version of logstash and untar the package into /usr/local/logstash (I like nesting that logstash-1.4.0 inside logstash so when the next version comes out I can have it there too, I have plenty of space so keeping a couple versions back helps in the event I need some old binary and can’t get to it ’cause they revved out the version I wrote a script against at some point):

curl -O https://download.elasticsearch.org/logstash/logstash/logstash-1.4.0.tar.gz
mkdir /usr/local/logstash
tar zxvf logstash-1.4.0.tar.gz -C /usr/local/logstash

Once we have log stash, we’ll grab elastic search similarly:

curl -O https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.0.1.tar.gz
mkdir /usr/local/elasticsearch
tar zxvf elasticsearch-1.0.1.tar.gz -C /usr/local/elasticsearch

Then we’ll untar kibana in the same manner:

curl -O https://download.elasticsearch.org/kibana/kibana/kibana-3.0.0.tar.gz
mkdir /usr/local/kibana
tar zxvf kibana-3.0.0.tar.gz -C /usr/local/kibana

Next we’ll make a very simple config file that we call /usr/local/stashbox.conf that listens on port 514 for syslog:

input {
tcp {
port => 514
type => syslog
}
udp {
port => 514
type => syslog
}
}
filter {
if [type] == "syslog" {
grok {
match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" }
add_field => [ "received_at", "%{@timestamp}" ]
add_field => [ "received_from", "%{host}" ]
}
syslog_pri { }
date {
match => [ "syslog_timestamp", "MMM d HH:mm:ss", "MMM dd HH:mm:ss" ]
}
}
}
output {
elasticsearch { host => localhost }
stdout { codec => rubydebug }
}

Next, we’ll enable elastic search:

/usr/local/elasticsearch/elasticsearch-1.0.1/bin/elasticsearch

And finally, in a different window we’ll call logstash with that file as the config file:

/usr/local/logstash/logstash-1.4.0/bin/logstash -f /usr/local/stashbox.conf

Having each of these open in different Terminal windows allows you to see logs in stdout. Next, point a host at your new syslog box. You can use http://krypted.com/windows-server/use-syslog-on-windows for installing Windows clients or http://krypted.com/mac-security/redirect-logs-to-a-syslog-server-in-os-x/ for  a Mac. Once done, let’s get Kibana working. To do so, first edit the config.js.

vi /usr/local/kibana/kibana-3.0.0/config.js

Locate the elastic search setting and put the name of the host running logstash in there (yes, it can be the same as the actual logstash box as long as you install a web server on the logstash box). Then save the changes.

Now move the contents of that kibana-3.0.0 folder into your web directory. Let’s say this is a basic OS X Server, that would be:

cp -R /usr/local/kibana/kibana-3.0.0/* /Library/Server/Web/Data/Sites/Default/

You can then check out your Kibana site at http://localhost or http://localhost/index.html#/dashboard/file/logstash.json for the actual search pages, which is what I’ve bookmarked.

Screen Shot 2014-04-10 at 10.37.51 PM

For example, to see the impact of periodic scripts in System Logs:

Screen Shot 2014-04-12 at 9.07.44 AM

 

Mac OS X Mac OS X Server Mac Security Mass Deployment

Redirect Logs To A Syslog Server In OS X

I could have sworn that I’ve written this up before, but I just tried to link it into the article for tomorrow and it’s not on my site, so here goes. To redirect logs in OS X to a syslog server, open /etc/syslog.conf and add the following line (assuming an IP of 10.10.10.92 – replace that with the IP of your syslog box):

*.*                                       @10.10.10.92

To customize the port number (e.g. 9200) use @10.10.10.92:9200 instead. This should be instant but you can always use launchctl to unload and reload syslog if for some reason it isn’t. If you’re scripting this you can then programmatically send some information to the server. For example, if you enter the following, you should see an entry for testtesttest in your syslog server for the host you just configured:

logger testtesttest

iPhone Mac OS X Mac OS X Server

MacIT Presentation

I enjoy going to MacIT so much. Paul Kent ran a great little conference in Monterrey one year and I am so glad that I started going to Macworld around that time. I missed it last year while trying to trim back on the travel and am pretty stoked I got to get there again this year. Special thanks to everyone I saw and was able to hang out with. Considering there isn’t a single person I didn’t want to hang out with, sorry if I didn’t see you or get to spend any time. Thanks to Duncan and Kevin White for making time to do the podcasts (hopefully the background noise is low enough so we can get them posted!).

Also, this is a top-notch production. Kathy, Paul, the board (Arek, Dan, John, Kevin, Duncan, etc) and everyone else I’ve ever interacted with there are absolutely amazing. I would love nothing more than to not get a chance to speak next year because a flood of amazing talks burst on the scene. Start thinking about what you could talk about now so I can show up and sit in the back and watch you do your thing! :)

And if you were in my session and asked about the presentation when the conference site was on the fritz (which could have also been my fault BTW), the presentation is here: MacIT 2014

Screen Shot 2014-03-29 at 11.09.44 PM

Mac OS X Mac OS X Server Xsan

Test Volume Speeds for Xsan Metadata Controllers

I have used a variety of tools for testing the speed of Xsan volumes. But none have been as easy as the BlackMagic Disk Speed Test. It’s cute, it’s fast, it’s very informative and it requires no Terminal, unlike the other tools I’ve used for years. To use Disk Speed Test, first download it from the Mac App Store (it’s free). Then mount the volume you’d like to test and open the Disk Speed Test app.

BlackMagic1

 

Click on the Settings icon in the middle and select the volume you’d like to test.

BlackMagic2

Then click Start. Enjoy.

Mac OS X Mac OS X Server Mac Security Mass Deployment

That Time I Interviewed Andrina For An AFP548 Podcast

Hey, remember that time I interviewed Andrina in an AFP548 podcast? That was totally fun! We should do that again. Maybe I’ll pronounce toller right next time! #cloudwords

Mac OS X Mac OS X Server Mac Security Mass Deployment public speaking

MacAdmins Conference at Penn State

Straight from our good friends at PSU:

Register Now for the 2014 MacAdmins Conference!

We’re proud to announce that early-bird registration for the 2014 MacAdmins Conference is now open!

This year’s conference will be bigger and better than ever, with over 50 sessions on Mac and iOS administration topics, 5 brand new pre-conference workshops, and 3 amazing evening events.

Early-bird registration price is the same as last year:
* $400 conference only (July 9-11) <http://macadmins.psu.edu/conference/registration/>
* $550 conference plus pre-conf workshop (July 8-11) <http://macadmins.psu.edu/conference/registration/>

Early-bird pricing ends April 30, and we expect to sell out quickly, so register now:

<http://macadmins.psu.edu/conference/registration/>

** Pre-Conference Workshops
—————————

This year we’re introducing pre-conference workshops – 5 full-day sessions on the most important topics facing today’s Mac and iOS System Administrator:
* D&D – Deployment and Delivery
* iOS and Mobile Device Management
* More Shell Scripting than Necessary
* Python and Git for System Admins
* Mac Admin Fundamentals

Visit our Workshops <http://macadmins.psu.edu/workshops/> page for detailed descriptions. Space on these workshops is limited and they will fill up fast!  Secure your spot today. <http://macadmins.psu.edu/conference/registration/>

** Thanks for the Session Submissions!
————————————–

We had a tremendous response to our conference session call for proposals.  If you submitted a session, you’ll be hearing from us in the next few days.

** New Hashtag:  #psumac
————————————————————

The MacAdmins Conference at Penn State is @psumacconf <https://twitter.com/psumacconf> on Twitter and our official hashtag is #psumac <https://twitter.com/search?&q=%23psumac> .

Update your Twitter clients and saved searches accordingly!

============================================================

Mac OS X Mac OS X Server Mac Security Mass Deployment public speaking

MacIT Early Bird Registration

If you haven’t signed up for one of my favorite conferences ever, MacIT (alongside Macworld) then you should give it a go. If you’ve never been, it’s great and if you’ve been then it’s great to catch up with old friends. I hope to see you there!

————————————

MacIT®, taking place March 26-29, 2014, in San Francisco, CA at Moscone Center North (alongside Macworld/iWorld), is the definitive event for understanding Apple technology implementation and management in enterprise environments. Our esteemed faculty of industry experts provide detailed, impartial analysis of the technology and solution chains you face when putting iOS, OS X and Apple hardware products to work in large enterprise.

MacIT 2014 features sessions on: MDM, BYOD, IPv6, VMs, SNMP, Mavericks, iOS7 and more!

MacIT 2014 opens with a thought-provoking keynote: What the Enterprise Needs from Apple – IT Execs Speak Out.

In this special panel discussion led by IDG Communications’ Chief Content Officer John Gallant, leading IT executives and a top Apple analyst share their views on what the enterprise needs from Apple. What gaps exist in current Apple offerings? How does IT want to deal with – or not deal with – Apple? How can enterprise IT and Apple build a more fruitful partnership that makes life easier for the business and helps Apple build even better products for a future in which the line is increasingly blurred between work and the rest of our lives? The session will highlight opportunities for Apple and other companies to improve the Apple ecosystem at work.

unnamed
MacIT is uniquely positioned to help today’s IT/IS and Network managers face and conquer the mobile implementation challenges they face daily.

Register today to join your IT colleagues, technology leaders and industry experts, at the definitive event for deploying and managing Apple in the enterprise.

Register by February 28th to Save!

For the full conference program and list of speakers, visit www.macitconf.com
We look forward to seeing you next March!