cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Autoscoping tags based on OS version

Getting noticed

Autoscoping tags based on OS version

Is it possible to scope a tag to devices on a specific os version? Such as 10.13.x get “Tag A” and 10.14.x get “Tag B” from Systems Manager?

6 REPLIES 6
Highlighted
A model citizen

Re: Autoscoping tags based on OS version

Oh i really hope someone knows how to make this work because this would be awesome

Highlighted
Head in the Cloud

Re: Autoscoping tags based on OS version

@jm_peterson The closest I can think of to accomplish this is through security policies based on minimum OS version.

 

This would apply policy tag to each device.

 

securitypolicies.PNG

Found this helpful? Give me some Kudos! (click on the little up-arrow below)
Highlighted
Getting noticed

Re: Autoscoping tags based on OS version

@vassallon It was definitely a good idea. But it appears the security policy cant scope worth a damn and returns this. Screen Shot 2019-04-16 at 2.25.56 PM.png

Highlighted
Head in the Cloud

Re: Autoscoping tags based on OS version

What about if you add in these options for Mobile Security?

 

MobileSecurity.PNG

Found this helpful? Give me some Kudos! (click on the little up-arrow below)
Highlighted
Getting noticed

Re: Autoscoping tags based on OS version

@vassallonUnfortunately that didnt work. I was looking for a way to automate this for Mojave so custom pppc/tcc/kernel extensions could be applied as users update. Since there is no solution I threw one together.

Disclaimer, python is not my strong suit so there is probably a more efficient way to do this but this is working for me.

You just need to replace YOURSMNETWORKID with your network_id, yourreallylongapikey with your api key, and the tag name with whatever you want the tag to be. 

Hopefully this is of use to someone. ¯\_(ツ)_/¯

import requests
import json

meraki_url = 'https://api.meraki.com/api/v0/networks/YOURSMNETWORKID/sm/devices'
aki_key = 'yourreallylongapikey'
search_models = ['OS X 10.14', 'OS X 10.14.1', 'OS X 10.14.2', 'OS X 10.14.3', 'OS X 10.14.4', 'OS X 10.14.5']
meraki_payload = ""

meraki_headers = {
    'X-Cisco-Meraki-API-Key': aki_key,
    'cache-control': "no-cache"
    }

def tag_the_machines (serial_input):

    url = 'https://api.meraki.com/api/v0/networks/YOURSMNETWORKID/sm/devices/tags'

    args = {
        "updateAction": "add",
        "tags": "Mojave",
        "serials": serial_input
        }
    
    payload = ""
        
    headers = {
        'X-Cisco-Meraki-API-Key': aki_key,
        'Content-Type': "application/json",
        'cache-control': "no-cache",
    }
        
    try:
        r = requests.request("PUT", url, data=payload, headers=headers, params=args)
        r.raise_for_status()
        print ("Tagged" + '' + serial_input)
    except requests.exceptions.HTTPError as err:
        print (err)

def check_key(dict, key): 
      
    if dict.has_key(key): 
        global batch
        batch = dict[key] 
    else: 
        print ("Batch not key present")
  
def get_all_machines ():
   
    url = meraki_url

    payload = meraki_payload

    headers = meraki_headers

    r = requests.request("GET", url, data=payload, headers=headers)
    
    global all_machines
    all_machines = r.json()

    check_key (all_machines, 'batchToken')
    
    create_mojave_dict()

def send_batch_request ():
    
    url = meraki_url

    payload = meraki_payload

    querystring = {
        "batchToken": batch,
        }

    headers = meraki_headers
        
    r = requests.request("GET", url, data=payload, headers=headers, params=querystring)
    
    global all_batch_machines
    all_batch_machines = r.json ()

    create_mojave_batch_dict()

def create_mojave_dict ():
    serial_number = []
    os_name = []

    for m in all_machines["devices"]:
        serial_number.append(m["serialNumber"])
        os_name.append(m["osName"])

    machine_dict = dict(zip(serial_number, os_name))

    global mojave_machines
    mojave_machines = []

    for s in search_models:
        for k, v in machine_dict.items():
            if v == s:
                mojave_machines.append(k)

    for m in mojave_machines:
        tag_the_machines(m) 
    
def create_mojave_batch_dict ():
    serial_number = []
    os_name = []

    for m in all_batch_machines["devices"]:
        serial_number.append(m["serialNumber"])
        os_name.append(m["osName"])

    machine_dict = dict(zip(serial_number, os_name))

    global mojave_batch_machines
    mojave_batch_machines = []

    for s in search_models:
        for k, v in machine_dict.items():
            if v == s:
                mojave_batch_machines.append(k)

    for b in mojave_batch_machines:
        tag_the_machines(b) 

if __name__ == '__main__':
    get_all_machines()
    send_batch_request()
Highlighted
Kind of a big deal

Re: Autoscoping tags based on OS version

@jm_peterson  The overview section of systems manager will show a break down of OS versions, you could manually click on each version and apply a tag that way. You would have to constantly keep it up to date though. 

Meraki CMNO, Ruckus WISE, Sonicwall CSSA, Allied Telesis CASE & CAI
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels