cmdReporter Wiki

Sumo Logic REST HTTP

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>PayloadContent</key>
  <array>
    <dict>
      <key>PayloadContent</key>
      <dict>
        <key>com.cmdsec.cmdreporter</key>
        <dict>
          <key>Forced</key>
          <array>
            <dict>
              <key>mcx_preference_settings</key>
              <dict>
                <key>AuditLevel</key>
                <integer>1</integer>
                <key>AuditEventLogVerboseMessages</key>
                <false/>
                <key>AuditEventExcludedProcesses</key>
                <array>
                  <string>/Applications/splunk/bin/splunk</string>
                  <string>/Applications/splunk/bin/splunkd</string>
                  <string>/Applications/splunk/bin/splunk-optimize</string>
                  <string>/usr/sbin/mDNSResponder</string>
                </array>
                <key>FileEventExclusionPaths</key>
                <array>
                  <string>/private/etc/cups/.*</string>
                </array>
                <key>FileEventInclusionPaths</key>
                <array>
                  <string>/usr/lib/pam/.*</string>
                  <string>/Library/LaunchDaemons/.*</string>
                  <string>/Library/LaunchAgents/.*</string>
                  <string>/Library/StartupItems/.*</string>
                  <string>/Library/Extensions/.*</string>
                  <string>/private/etc/.*</string>
                  <string>/private/var/.*</string>
                </array>
                <key>UnifiedLogPredicates</key>
                <array>
                  <string></string>
                </array>
                <!-- Remote endpoint logging master switch -->
                <key>LogRemoteEndpointEnabled</key>
                <true/>
                <key>LogRemoteEndpointURL</key>
                <string>https://endpoint4.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV2OEAFVGi2WoEGbB048Hi63VjN_DJVhV...</string>
                <key>LogRemoteEndpointType</key>
                <string>REST</string>
                <key>LogRemoteEndpointREST</key>
                <dict>
                  <key>PublicKeyHash</key>
                  <string></string>
                </dict>              
                <key>LicenseEmail</key>
                <string>dan@cmdsec.com</string>
                <key>LicenseExpirationDate</key>
                <string>12/01/2019</string>
                <key>LicenseKey</key>
                <string>6466...</string>
                <key>LicenseType</key>
                <string>Trial</string>
                <key>LicenseVersion</key>
                <string>1</string>
                <key>LogFileMaxNumberBackups</key>
                <integer>10</integer>
                <key>LogFileMaxSizeMegaBytes</key>
                <string>100</string>
                <key>LogFileOwnership</key>
                <string>root:wheel</string>
                <key>LogFilePermission</key>
                <string>644</string>
              </dict>
            </dict>
          </array>
        </dict>
      </dict>
      <key>PayloadDescription</key>
      <string></string>
      <key>PayloadDisplayName</key>
      <string>Custom</string>
      <key>PayloadEnabled</key>
      <true/>
      <key>PayloadIdentifier</key>
      <string>ACE8C1E0-2CA9-47F9-95EA-092964CAB3EE</string>
      <key>PayloadOrganization</key>
      <string>cmdSecurity inc</string>
      <key>PayloadType</key>
      <string>com.apple.ManagedClient.preferences</string>
      <key>PayloadUUID</key>
      <string>ACE8C1E0-2CA9-47F9-95EA-092964CAB3EE</string>
      <key>PayloadVersion</key>
      <integer>1</integer>
    </dict>
  </array>
  <key>PayloadDescription</key>
  <string></string>
  <key>PayloadDisplayName</key>
  <string>internal-testing cmdReporter Preferences</string>
  <key>PayloadEnabled</key>
  <true/>
  <key>PayloadIdentifier</key>
  <string>8ECC25AC-0DAB-40D1-8E9F-2A7275315FDA</string>
  <key>PayloadOrganization</key>
  <string>cmdSecurity inc</string>
  <key>PayloadRemovalDisallowed</key>
  <true/>
  <key>PayloadScope</key>
  <string>System</string>
  <key>PayloadType</key>
  <string>Configuration</string>
  <key>PayloadUUID</key>
  <string>8ECC25AC-0DAB-40D1-8E9F-2A7275315FDA</string>
  <key>PayloadVersion</key>
  <integer>1</integer>
</dict>
</plist>


Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.