| Device Fact Name |
Description |
Collector |
| 32_bit_applications |
Retrieves a list with the paths of the 32 Bit applications. |
agent |
| active_users |
Retrieves a list of user account names on the Mac. It filters out
user accounts with UniqueIDs less than 500, which are typically system
accounts or service accounts.
|
agent |
| addigy_splashtop_installed |
Checks if the Splashtop streamer is installed. Returns true if it
is installed and false if it is not found.
|
agent |
| admin_users |
A list of users who have administrative privileges on a Mac.
|
agent |
| agent_version |
Retrieves the version of the Addigy agent. |
agent |
| bandwidth_saved_gb |
Retrieves the amount of bandwidth (in gigabytes) fetched from other
peers in the network.
|
agent |
| bandwidth_served_gb |
Retrieves the amount of bandwidth (in gigabytes) served served to
other peers in the network.
|
agent |
| battery_capacity_loss_percentage |
Retrieves information about the battery capacity of a Mac. Calculates
the battery percentage by subtracting the maximum capacity from the
design capacity and dividing it by the design capacity.
|
agent |
| battery_charging |
The charging status of a Mac. It is 'true', if the device is currently
charging, otherwise it is 'false'.
|
agent |
| battery_cycles |
The cycle count of the battery on a Mac. The cycle count represents
the number of times the battery has been charged and discharged.
If the cycle count is not available, it shows 0. Most modern Macs
have a maximum of 1000 cycles. Review Apple's Documentation for more
details https://support.apple.com/en-us/HT201585.
|
agent |
| battery_failures |
If the value is 0, it means that the battery has not permanently
failed. Otherwise, it contains the status code indicating the permanent
failure of the battery.
|
agent |
| battery_percentage |
Retrieves current battery percentage of a Mac. |
agent |
| battery_temperature_fahrenheit |
The current temperature of the battery of a Mac in fahrenheit. It
is '0' if the temperature value is not available.
|
agent |
| battery_temperaturecelsius |
Retrieves the temperature of the battery on a Mac in celsius. If
the temperature is not available, it returns 0. Otherwise, it converts
the temperature from a raw value to Celsius and returns the result.
|
agent |
| bluetooth_mac |
The Bluetooth MAC address of the Mac. |
agent |
| build_version |
The build version of the macOS system. If the build version is not
found, 'n/a' is printed instead.
|
agent |
| crashplan_days_since_last_backup |
The number of days that have passed since the last completed backup
in CrashPlan.
|
agent |
| current_user |
Retrieves the username of the currently logged-in user on a Mac.
If there is no user logged in, it returns an empty string.
|
agent |
| device_chip_type |
The type of chip used by the device. |
agent |
| device_model_name |
The model name of a Mac. If the model name is found, it is printed
to the console. If the model name is not found, an error message
is printed.
|
agent |
| device_name |
The hostname of the Mac. If a hostname is found, it is printed to
the console. If no hostname is found, an error message is displayed.
|
agent |
| display_on |
Checks if a display is connected to a Mac and if the display is asleep
or turned off. If no display is found, it returns 'false'. If the
display is asleep or turned off, it also returns 'false'. Otherwise,
it returns 'true' indicating that a display is connected and turned
on.
|
agent |
| displays_serial_number |
The serial numbers of the displays connected to a Mac. |
agent |
| enrolled_via_dep |
Determines whether the device was enrolled via Automated Device Enrollment.
If the macOS version is 10.12.3 or earlier, it returns 'false'.
|
agent |
| ethernet_mac_address |
MAC address of the Ethernet interface on a Mac. It first checks if
there is an Ethernet interface and if so, it retrieves the MAC address.
If there is no Ethernet interface, it checks for a LAN interface
and retrieves the MAC address if found.
|
agent |
| files_served |
The number of files served by the device through LANCache. |
agent |
| filevault_enabled |
The status of FileVault on a Mac. It is 'true' if FileVault is enabled,
otherwise it is 'false'.
|
agent |
| firewall_allowed_applications |
A list of applications that are allowed to make all connections if
the firewall on a Mac is enabled and set to limit incoming connections
to specific services and applications.
|
agent |
| firewall_block_all_incoming_connections |
If the firewall is set to 'Block all incoming connections', it returns
'true'. Otherwise, it returns 'false'.
|
agent |
| firewall_blocked_applications |
The list of blocked applications if the firewall is enabled.
|
agent |
| firewall_enabled |
True if the firewall is set to 'Limit incoming connections to specific
services and applications' or 'Block all incoming connections', false
otherwise.
|
agent |
| firewall_stealth_mode_enabled |
True if the firewall is in stealth mode, false otherwise. |
agent |
| firmware_password_allow_orams |
Checks if option ROMs are enabled on a Mac. Option ROMs are firmware
extensions that provide additional functionality to the device's
hardware. If the script is 'true', it means that option ROMs are
allowed and enabled. If it is 'false', it means that option ROMs
are not allowed or not enabled.
|
agent |
| firmware_password_exists |
If the firmware password is enabled, it will print 'true', otherwise
it will print 'false'.
|
agent |
| free_disk_percentage |
The fact calculates the percentage of free disk space on the Mac.
The result is rounded to the nearest whole number.
|
agent |
| free_disk_space_gb |
Retrieves the total free space in gigabytes. Free Disk Space value
does not include the total purgable space that can be reclaimed by
normal macOS operations. The final result is the total free space
rounded up to the nearest whole number. * (See footnote at the bottom
of the article)
|
agent |
| gatekeeper_enabled |
Determines the status of Gatekeeper on a Mac. Gatekeeper is a security
feature that helps protect the system from running malicious software.
If enabled, Gatekeeper is currently active and will block the execution
of unsigned or unidentified applications.
|
agent |
| has_mdm |
Checks if the device is enrolled in the Addigy MDM (Mobile Device
Management) system.
|
agent |
| has_mdm_profile_approved |
Checks if the Mac is enrolled in Addigy MDM and if the user has approved
the enrollment profile. If it is not enrolled, it returns 'false'.
If the macOS version is 10.12.3 or earlier, it returns 'true'.
|
agent |
| has_wireless |
Checks if there is a wireless network interface on the Mac. If a
wireless port is found, it returns 'true', otherwise it returns 'false'.
|
agent |
| host_name |
The hostname of the device. |
agent |
| identity_installed |
Checks if Addigy Identity is currently installed on the device.
|
agent |
| identity_users |
Retrieves the usernames of all users on a Mac that have logged in
with their IDP.
|
agent |
| installed_profiles |
Retrieves a list of configuration profiles installed on a Mac.
|
agent |
| is_apple_intelligence_compatible |
Is Apple intelligence compatible with the device. |
agent |
| is_mdm_client_stuck |
Checks if a Mac has an Addigy MDM profile installed and if the MDM
client is stuck. It does this by searching for the presence of the
Addigy MDM profile in the system configuration profile data and by
checking the latest log entry for the MDMClientStuck flag. If both
conditions are met, it returns true; otherwise, it returns false.
|
agent |
| is_mdm_identity_certificate_installed |
Checks if a Mac has an Addigy MDM profile installed and if an Addigy
MDM identity certificate is present. It returns 'true' if both conditions
are met, and 'false' otherwise.
|
agent |
| is_mdm_softwareupdated_stuck |
Checks if MDM is stuck processing a software update command.
|
agent |
| is_sequoia_ready |
Returns 'true' if the device is eligible to be upgraded to Sequoia.
|
agent |
| is_sonoma_ready |
Returns 'true' if the device is eligible to be upgraded to Sonoma.
|
agent |
| java_vendor |
Checks if Java is installed on a Mac and determines whether it is
an Oracle or Apple Java installation. The script then outputs 'Oracle',
'Apple', or 'Not Available'.
|
agent |
| java_version |
Retrieves the version of Java installed on a Mac. It shows 'n/a'
if Java is not available.
|
agent |
| kernel_panic |
Checks if there is a kernel panic log in the system log file. If
there is a kernel panic log, it returns true; otherwise, it returns
false.
|
agent |
| lan_cache_size_bytes |
The total size, in bytes, of all files in the directory /Library/Addigy/download-cache/downloaded.
|
agent |
| last_reboot_timestamp |
The timestamp of the last time the Mac was booted (reported in Epoch
time).
|
agent |
| local_ip |
Retrieves the IP address of the Mac by querying the network interfaces.
It shows 'n/a' if no IP address is found.
|
agent |
| locales |
The preferred language settings for the currently logged-in user
on the Mac.
|
agent |
| localhost_name |
Retrieves the local hostname of a Mac. The local hostname is the
name that the device uses to identify itself on the local network.
If no local hostname is found, an error message is displayed.
|
agent |
| mac_os_x_version |
The OS version of the Mac. The value is 'n/a' if the OS version is
not available.
|
agent |
| mb_endpoint_account_id |
The account ID associated with the Malwarebytes Endpoint Agent Daemon
exists on the Mac. The value is an empty string if the agent or account
ID is not found.
|
agent |
| mb_endpoint_agent_version |
The fact checks if the Malwarebytes Endpoint Agent Daemon is installed
on the Mac. It returns 'n/a' if it is not found.
|
agent |
| mb_endpoint_machine_id |
The machine ID for the Malwarebytes Endpoint Agent Daemon installed
on the Mac.
|
agent |
| mb_endpoint_nebula_machine_id |
The Nebula Machine ID for the Malwarebytes Endpoint Agent Daemon
installed on the Mac.
|
agent |
| mb_oneview_installed |
Checks if the Malwarebytes Endpoint Agent is installed on the Mac.
|
agent |
| mdm_update_eligibility |
Indicates that the device can be updated through MDM. |
agent |
| microsoft_company_portal_version |
Returns the version of the Microsoft Company Portal application installed
on the Device.
|
agent |
| os_platform |
The OS Platform of the device. |
agent |
| peer_count |
The number of LANCache peers available to the device. |
agent |
| policy_execution_seconds |
Calculates the most recent execution time in seconds of the Addigy
Policier binary.
|
agent |
| privileged_mdm |
Returns 'true' for Silicon-based devices that are enrolled manually
and have the ability to do Automatic Software Updates. This setting
must be set manually in the RecoveryOS. Returns 'false' otherwise
|
agent |
| processor_speed_ghz |
Returns the CPU speed in GHZ. It will show 'n/a' if the CPU speed
cannot be determined.
|
agent |
| processor_type |
Returns the name of the processor installed on the device. Returns
'n/a' if the processor name cannot be determined.
|
agent |
| product_description |
Product Description or 'n/a' if it cannot be determined. |
agent |
| product_name |
Retrieves the model name of the device. |
agent |
| remote_desktop_enabled |
Returns 'true' if Remote Desktop is enabled, otherwise returns 'false'.
|
agent |
| remote_login_enabled |
Checks if remote login is enabled on a Mac. |
agent |
| serial_number |
The serial number of the device. |
agent |
| smart_failing |
Returns 'true' if the status SMART (Self Monitoring Analysis and
Reporting Technology) is "Failing", otherwise return 'false'. This
only verifies the internal drives.
|
agent |
| software_update_device_id |
Software Update Identifier is used internally to detect new software
updates.
|
agent |
| splashtop_id |
The UUID is a unique identifier assigned to the Splashtop Streamer
application, which is used for remote desktop access.
|
agent |
| splashtop_installation_date |
Retrieves the installation date of the Splashtop application on a
Mac.
|
agent |
| splashtop_version |
Retrieves the version number of the Splashtop Streamer application
installed on a Mac.
|
agent |
| system_integrity_protection_enabled |
Returns 'true' if System Integrity Protection (SIP) is enabled and
'false' if disabled. SIP is a security feature that protects critical
system files and processes from being modified or tampered with.
|
agent |
| system_version |
Retrieves the system version of a Mac. |
agent |
| third_party_agents |
Lists the files in the '/Library/LaunchAgents/' directory on a Mac.
The files in this directory are used to configure and manage user-specific
processes that are launched automatically when a user logs in.
|
agent |
| third_party_daemons |
The fact lists the launch daemons present in the /Library/LaunchDaemons/
directory of a Mac. The files in this directory are used to configure
and manage system wide processes that are launched automatically
when the device starts up.
|
agent |
| third_party_kernel_extensions |
A list of kernel extensions (kexts) installed on a Mac. It filters
out the built-in Apple kexts.
|
agent |
| time_machine_days_since_last_backup |
The last time in days that a Time Machine backup was performed on
a Mac.
|
agent |
| timezone |
Retrieves the current timezone of the Mac. |
agent |
| tmp_size_mb |
The fact calculates the size of the /private/tmp directory in megabytes.
|
agent |
| total_disk_space_gb |
The total disk space in gigabytes. |
agent |
| total_memory_gb |
Retrieves the total memory in gigabytes. It rounds up the calculated
total memory to the nearest whole number.
|
agent |
| udid |
Retrieves the UDID (Universally Unique Identifier) of a Mac. The
UDID is a unique identifier assigned to each device and can be used
to identify and track the device.
|
agent |
| uptime_days |
Retrieves the number of days that the Mac has been running. If the
device has been running for less than a day, it returns 0. Otherwise,
it returns the number of days.
|
agent |
| used_memory_gb |
The amount of used memory on a Mac in gigabytes rounded to the nearest
whole number. It retrieves information about pageable internal memory,
purgeable memory, wired down memory, and memory occupied by the compressor.
|
agent |
| warranty_days_left |
The number of warranty days left on the device. It will return 'n/a'
if the warranty has already expired.
|
agent |
| wifi_mac_address |
Retrieves the MAC address of the Wi-Fi interface on a Mac. The MAC
address is a unique identifier assigned to the network interface
card (NIC) of the device. It is used to identify the device on a
network.
|
agent |
| xcode_installed |
Checks if Xcode Command Line Tools or Xcode is installed on a Mac.
|
agent |
| battery_health |
The device’s battery health. Available in iOS 17 and later on iPhone
only (iPad returns unsupported), and macOS 14.4 and later on Apple
silicon Mac computers. Possible Values: non-genuine, normal, service-recommended,
unknown, unsupported
|
ddm |
| agentid |
The Addigy Agent ID is a unique identifier assigned to an Apple device
by Addigy.
|
server side |
| audit_execution_time_seconds |
Audit Execution (seconds) refers to the amount of time it takes for
an audit process to be executed. This metric measures the speed and
efficiency of the audit process, with a lower number indicating faster
execution.
|
server side |
| azure_ad_device_ids |
Azure AD Device IDs is a list of unique identifiers assigned to devices
that are registered with Azure Active Directory. These device ids
are used to uniquely identify and manage devices within an organization's
Azure AD environment.
|
server side |
| azure_ad_user_ids |
Azure AD User IDs refers to a list of unique identifiers assigned
to users in Azure Active Directory. These user IDs are used to authenticate
and authorize users to access various resources and services within
the Azure ecosystem.
|
server side |
| client_ip |
The IP address of the device that is accessing a network or server.
|
server side |
| filevault_key_escrowed |
Indicates whether the FileVault key for the Apple device has been
escrowed. If the value is true, it means that the FileVault key has
been stored securely by MDM, allowing for recovery of the key if
it is lost or forgotten. If the value is false, it means that the
FileVault key has not been escrowed and recovery of the key would
not be possible.
|
server side |
| identity_email |
The email address associated with a user in their IDP. |
server side |
| identity_employee_department |
The department of an employee in an organization within the IDP.
It is used to identify the specific department that an employee belongs
to within the organization.
|
server side |
| identity_employee_hire_date |
The date when an employee was hired, as fetched from the IDP. It
is used to track the length of an employee's tenure with the company
and can be used for various HR and administrative purposes.
|
server side |
| identity_employee_type |
Refers to the type of employee within an organization within the
IDP.
|
server side |
| identity_job_title |
The job title associated with a user within the IDP. |
server side |
| identity_mobile_phone |
The phone number associated with the logged in user within the IDP.
|
server side |
| identity_office_location |
The Office Location associated with the logged in user within the
IDP.
|
server side |
| identity_password_last_set_date |
The date when the password for was last set within the IDP. This
date is important for security purposes as it helps track when the
password was last changed.
|
server side |
| identity_provider_name |
The name of the service or platform that is used for user authentication
and authorization. It could be a third-party service like Azure,
Google or Okta.
|
server side |
| identity_usage_location |
The geographic location where the user logged in with their IDP.
|
server side |
| identity_user_display_name |
The name of the user associated with the IDP. It is typically used
for displaying the user's name in various applications and settings
on the device.
|
server side |
| identity_username |
The unique username associated with a the IDP. It is used for various
purposes such as signing in.
|
server side |
| is_compliant |
The fact is describing whether an Apple device is compliant with
its associated Benchmarks.
|
server side |
| last_online |
Date of the last time that the device connected to Addigy Services.
It can be useful for tracking the activity or usage patterns of a
device, or for determining if a device is currently online or offline.
|
server side |
| mac_uuid |
A unique identifier assigned to each Apple device. It is a string
of alphanumeric characters that can be used to uniquely identify
a specific Apple device.
|
server side |
| online |
Returns true if device is online and connected to Addigy Services
and false otherwise.
|
server side |
| policy_id |
The Policy ID shows the a legacy single policy assignment for the
device. Now that devices can be assigned to multiple policies you
should use the 'Policy IDs' fact for a more accurate view of the
device's policy assignments.
|
server side |
| policy_ids |
Policy IDs refer to a list of Policies that the device is assigned
to.
|
server side |
| registration_date |
Returns the date that the device was registered with Addigy.
|
server side |
| mb_endpoint_last_scan |
Returns date when last Malwarebytes scan was performed on the Apple
device. It provides information about the most recent scan conducted
by Malwarebytes to detect and remove any potential malware or malicious
software from the device.
|
mbov |
| mb_endpoint_suspicious_activity_count |
A numerical value that represents the number of suspicious activities
detected by the Malwarebytes software on an Apple device. This count
indicates the level of potential security threats or malicious activities
that have been identified and blocked by Malwarebytes.
|
mbov |
| mb_endpoint_suspicious_activity_detected |
Indicates whether Malwarebytes has detected any suspicious activity
on the Apple device. If the value is true, it means that Malwarebytes
has detected suspicious activity, while a value of false means that
no suspicious activity has been detected.
|
mbov |
| active_managed_users |
Active Managed Users refers to the number of users who are currently
enrolled in MDM.
|
mdm |
| authenticated_root_volume_enabled |
Indicates whether the authenticated root volume feature is enabled
on the Apple device. When enabled, the device verifies the integrity
of the operating system at startup to ensure it has not been tampered
with or modified.
|
mdm |
| awaiting_configuration |
The fact is describing whether an Apple device is currently in the
process of being configured. If the value is true, it means that
the device is awaiting configuration in Setup Assistant. If the value
is false, it means that the device has already been configured.
|
mdm |
| bootstrap_token_allowed_for_authentication |
Refers to a feature in Apple devices that allows the use of a bootstrap
token for authentication. A bootstrap token is a cryptographic token
that is used to securely authenticate a device with an external service
or system. This feature enhances the security and authentication
capabilities of Apple devices. The value returned is the bootstrap
token itself.
|
mdm |
| bootstrap_token_required_for_kernel_extension_approval |
Indicates whether a bootstrap token is required for kernel extension
approval on an Apple device. If the value is true, it means that
a bootstrap token is required. If the value is false, it means that
a bootstrap token is not required.
|
mdm |
| bootstrap_token_required_for_software_update |
Indicates whether a bootstrap token is required for software updates
on the Apple device. If the value is true, it means that a bootstrap
token is required. If the value is false, it means that a bootstrap
token is not required.
|
mdm |
| carrier_settings_version |
The software version that is specific to a particular carrier and
is installed on an iPhone. It includes settings and configurations
that are necessary for the device to connect to the carrier's network
and access certain features, such as cellular data and voice calling.
|
mdm |
| cellular_technology |
The technology used in Apple devices to connect to cellular networks
and access the internet. It allows users to make phone calls, send
text messages, and use data services while on the go, without relying
on Wi-Fi connections.
|
mdm |
| current_carrier_network |
The mobile network operator that a specific Apple device is currently
connected to. This information is useful for determining the network
coverage and services available to the device, as well as for troubleshooting
network-related issues.
|
mdm |
| current_mcc |
The Mobile Country Code of the current network that an Apple device
is connected to. The MCC is a unique identifier assigned to each
country or region, and it is used to determine the country or region
of the mobile network that the device is currently using.
|
mdm |
| current_mnc |
MNC (Mobile Network Code) is a unique identifier assigned to a mobile
network operator. It is used to identify the network that an Apple
device is currently connected to.
|
mdm |
| data_roaming_enabled |
Indicates whether data roaming is enabled on the Apple device. If
data roaming is enabled, the device can connect to cellular networks
outside of its home network and use data services while roaming.
|
mdm |
| days_since_last_cloud_backup |
The number of days that have passed since the last cloud backup of
an Apple device. This backup includes data such as photos, contacts,
and app settings, which can be restored in case of device loss or
damage.
|
mdm |
| eas_device_identifier |
A unique identifier assigned to an Apple device that is used for
Exchange ActiveSync (EAS) communication. It allows the device to
securely connect and synchronize with an Exchange server, enabling
features such as email, calendar, and contacts syncing.
|
mdm |
| ethernet_ma_cs |
The Ethernet Media Access Control (MAC) sublayer and Carrier Sense
(CS) mechanism. This technology is used in Apple devices to control
access to the Ethernet network and ensure that multiple devices can
share the network without causing collisions or data loss.
|
mdm |
| external_boot_level |
The boot level of an Apple device that is connected to an external
source, such as a computer. It indicates whether the device is currently
booting up or has successfully booted up from the external source.
|
mdm |
| firmware_password_change_pending |
Whether a firmware password change is pending. If the value is true,
it means that a firmware password change is pending. If the value
is false, it means that there is no pending firmware password change.
|
mdm |
| hardware_encryption_caps |
Refers to the ability of iPhones to encrypt data using hardware-based
encryption. This means that the encryption process is performed by
dedicated hardware components within the device, which provides faster
and more efficient encryption compared to software-based encryption
methods. This capability enhances the security of data stored on
iPhones, protecting it from unauthorized access.
|
mdm |
| hardware_model |
The specific model of an Apple device, such as iPhone X or MacBook
Pro. It is a unique identifier that distinguishes one device from
another and is often used for compatibility and support purposes.
|
mdm |
| has_unlock_token |
Indicates whether the Apple device has an unlock token. An unlock
token is a unique identifier that allows the device to be unlocked
and accessed by the user.
|
mdm |
| iccid |
The iCCID is a unique identifier for a SIM card in an Apple device.
It stands for Integrated Circuit Card Identifier and is used to identify
the SIM card and establish a connection with the cellular network.
|
mdm |
| imei |
The IMEI (International Mobile Equipment Identity) is a unique identifier
for a mobile device. It is a 15-digit number that is used to identify
and track individual devices, such as iPhones. The IMEI can be found
in the device settings.
|
mdm |
| is_activation_lock_enabled |
Indicates whether the Activation Lock feature is enabled on an Apple
device. Activation Lock is a security feature that prevents unauthorized
users from activating or using a device that has been lost or stolen.
When Activation Lock is enabled, the device requires the user's Apple
ID and password to be entered before it can be activated or used.
|
mdm |
| is_activation_lock_manageable |
Describes whether the Activation Lock feature on an Apple device
is manageable or not. If the value is true, it means that the Activation
Lock can be managed, allowing the user to enable or disable it as
needed. If the value is false, it means that the Activation Lock
cannot be managed and is permanently enabled on the device.
|
mdm |
| is_apple_silicon |
Indicates whether the Apple device is powered by Apple Silicon or
not.
|
mdm |
| is_cloud_backup_enabled |
Indicates whether cloud backup is enabled on the Apple device. If
the value is true, it means that the device is set up to automatically
backup its data to the cloud. If the value is false, it means that
cloud backup is not enabled and the device's data is not being backed
up to the cloud.
|
mdm |
| is_device_locator_service_enabled |
Indicates whether the system enabled a device locator service
such as Find My on the device. If the value is true, it has Find My enabled. If the value is false, Find My is disabled on the device.
|
mdm |
| is_do_not_disturb_in_effect |
Indicates whether the Do Not Disturb feature is enabled on the Apple
device. If the value is true, it means that the Do Not Disturb feature
is currently active and notifications will be silenced. If the value
is false, it means that the Do Not Disturb feature is not active
and notifications will be received as usual.
|
mdm |
| is_mdm_activation_lock_enabled |
The fact is describing whether the MDM Activation Lock is enabled
on an Apple device. If the value is true, it means that the Activation
Lock feature is enabled, which requires the user to enter their Apple
ID and password before the device can be activated or used. If the
value is false, it means that the Activation Lock feature is disabled.
|
mdm |
| is_mdm_lost_mode_enabled |
Indicates whether the Mobile Device Management (MDM) Lost Mode is
enabled on the Apple device. Lost Mode is a feature that can be activated
remotely to help locate a lost or stolen device. When enabled, the
device will display a custom message with contact information and
can be tracked using Find My iPhone/iPad/Mac.
|
mdm |
| is_recovery_lock_enabled |
The fact is describing whether the Recovery Lock feature is enabled
on an Apple device. Recovery Lock is a security feature that prevents
unauthorized access to the device by requiring the user to enter
their Apple ID and password before erasing or reactivating the device.
|
mdm |
| is_roaming |
Indicates whether the Apple device has roaming enabled or not.
|
mdm |
| is_shared_ipad |
Is iPad device a Shared iPad. |
mdm |
| is_supervised |
Indicates whether an Apple device is supervised or not. Supervised
devices have additional management capabilities and restrictions
compared to unsupervised devices.
|
mdm |
| is_user_enrollment |
Returns true if the device is enrolled as BYOD (Bring Your Own Device)
otherwise false. User Enrollment allows organizations to securely
manage and separate personal and work data on Apple devices. It provides
a dedicated work profile for business data and apps, while keeping
personal data separate and private.
|
mdm |
| languages |
Describes the list of languages supported by an Apple device.
|
mdm |
| last_cloud_backup_date |
The most recent date and time when the data on an Apple device was
backed up to the cloud. This backup includes various types of data
such as photos, videos, contacts, messages, and app data. It is important
to regularly back up devices to ensure that data is safe and can
be restored in case of device loss, damage, or software issues.
|
mdm |
| maximum_resident_users |
Max Resident Users refers to the maximum number of users that can
be logged in and active on an Apple device at the same time.
|
mdm |
| mdm_last_connected |
The date when a mobile device management (MDM) solution last connected
to an Apple device. This information is useful for tracking the last
time the device was managed or updated by the MDM solution.
|
mdm |
| meid |
Returns the MEID (Mobile Equipment Identifier). MEID is unique identification
number assigned to a Apple devices for activation and registration
purposes.
|
mdm |
| modem_firmware_version |
Firmware version of cellular modem. The modem is responsible for
managing the device's cellular connectivity and performance, including
features like call quality, data speeds, and network compatibility.
|
mdm |
| os_version |
Retrieves the macOS system version information. The value is 'n/a'
if it is not available.
|
mdm |
| passcode_compliant |
Returns 'true' if Passcode is compliant with security requirements
specified by IT admins, otherwise it returns 'false'.
|
mdm |
| passcode_compliant_with_profiles |
Returns 'true' if Passcode is compliant with security requirements
specified by IT admins via MDM Profiles otherwise it returns 'false'.
|
mdm |
| passcode_lock_grace_period |
The user preference for the number of seconds before a locked screen
requires the device passcode to unlock it. This value is only available
for Shared iPad.
|
mdm |
| passcode_lock_grace_period_enforced |
The enforced value for the number of seconds before a locked screen
requires the device passcode to unlock it. If a device has a passcode,
changing PasscodeLockGracePeriod to a larger value doesn't take effect
until the user logs out or removes the passcode. This value is only
available for Shared iPad.
|
mdm |
| passcode_present |
Indicates whether or not the Apple device has a passcode set. If
the value is true, it means that a passcode is present on the device.
If the value is false, it means that no passcode is set.
|
mdm |
| personal_hotspot_enabled |
Indicates whether the Apple device has the Personal Hotspot feature
enabled or not.
|
mdm |
| phone_number |
The phone number associated with an Apple device. |
mdm |
| push_certificate_name |
Push certificate name that a device is associated to. |
mdm |
| push_certificate_topic |
Push certificate topic that a device is associated to. |
mdm |
| secure_boot_level |
The level of security implemented in the boot process of an Apple
device. Possible values are 'Full', 'Off', and 'Not Supported'. Full
means that the device will only boot with legitimate and unmodified
OS. Off means that OS integrity will not be verified. Not supported
means that this is an older device that does not support this feature.
|
mdm |
| sim_carrier_network |
The mobile network operator that provides cellular service to an
Apple device. It is the company that the device is connected to for
making calls, sending texts, and accessing mobile data.
|
mdm |
| subscriber_carrier_network |
The name of the subscriber carrier network. |
mdm |
| subscriber_mcc |
The current HotSpot 2.0 subscriber Mobile Country Code (MCC) settings.
|
mdm |
| voice_roaming_enabled |
Indicates whether voice roaming is enabled on the Apple device. If
voice roaming is enabled, the device can make and receive phone calls
while connected to a different cellular network than its home network.
|
mdm
|
| available_disk_space_gb |
Available space is made up of both Free space and Purgeable space.
Represented in GBs* (See footnote at the bottom of the article)
|
Agent |
| available_disk_space_percentage |
Available space is made up of both Free space and Purgeable space.
Represented in percentage of total disk space
|
Agent |