Advanced
      Back to home
      1. Kandji Support
      2. Advanced

      Kandji Agent Command Line Interface

      Learn how to interact with the Kandji Agent using its Command Line Interface (CLI)

      While Kandji Agent is primarily hands-off after it is installed on a Mac, a few Terminal commands are available.

      Run

      sudo kandji run

      The agent will run and check in immediately. Normally, the agent checks in every 15 minutes. Without an internet connection, the agent will run in offline mode.

      sudo kandji run --reset-daily
      Adding --reset-daily to the run command will run all Parameters, including those that are run only once per day.

      Run Daily MDM Inventory Update

      sudo kandji update-mdm

      The agent will request the MDM server to initiate its daily MDM commands, such as validating Apps & Books from Apple Business Manager, as well as querying certain device information. 

      Collect Apps

      sudo kandji collect-apps

      Collects full application inventory from the Mac.

      Run Library Items 

      sudo kandji library

      Checks for library items to execute. Available library command options:

      Option Description
      --list List all of the library items assigned to the computer.

      --state

      		 Get the current state of the Kandji Agent library manager.

      --item

      		 Run a specific library item by name or library item ID; specify -F to force the execution. 

      --cancel

      		 Cancel the currently running library item and clears the current queue. 

      Print Kandji Logs

      sudo kandji logs --last <seconds>

      Prints log entries for the Kandji Agent subsystem from the unified logging system. The `--last` option is required and specifies the number of previous seconds to print logs from. Replace <seconds> with a number, like 300. (Actual results displayed are limited based on available unified log storage.)

      Redirect the output of the command using > to save to an external log file. 

      Available logs command options:

      Option Description
      --no-format Print log entries without ANSI color formating. 

      --debug

      Includes debug level logs, debug logging must be enabled prior. 


      Debug logging can be enabled by running: 

      sudo log config --mode "level:debug" --subsystem io.kandji.KandjiAgent

      Debug logging can be disabled by running:

      sudo log config --mode "level:default" --subsystem io.kandji.KandjiAgent

      Example command usage:

      sudo kandji logs --no-format --debug --last 10000 >~/Desktop/kandji.log

       

      Please note that when using the scriptable options below, such as within a custom script item, it is best practice to use the full path to the binary file:

      /usr/local/bin/kandji

      Scriptable Option: Reboot

      sudo kandji reboot --delaySeconds NumberOfSeconds

      This option can be used in scripted workflows to force a reboot leveraging the Kandji Agent and menu bar application. It is visually similar to the reboot forced during FileVault enablement or a Managed OS upgrade.

      Initiates a restart by prompting the logged-in user with a countdown timer. If no delay is specified, the default 1800 (30 minutes) will be used. If no user is logged in, the delay will be ignored and the Mac will restart immediately.

      Scriptable Option: Dock

      sudo kandji dock [--add bundle identifier] [--remove bundle identifier] [--all]

      This option can be used in scripted workflows to add items to the end of the macOS Dock or remove items from the macOS dock of the currently logged-in user.

      The application referred to by the bundle identifier must be in the /Applications folder. 

      Optionally specifying the --all option adds the icon to the end of the Dock for all user accounts. 

      Scriptable Option: Alert

      sudo kandji display-alert [--title text] [--message text] [--icon path_to_image] [--suppression-key string] [--help-url url]

      This command can be used in scripted workflows to present an alert to users. It has several options, outlined below.  

      Option Description Default if not provided
      --title Specifies a custom title for the alert window "Alert"

      --message

      		 Specifies a custom message for the alert window No default value

      --icon

      		 Specifies a custom icon for the alert window Kandji Agent icon

      --suppression-key

      		 If provided, will show an option to the user: "Do not show this message again" 

      If this suppression key is provided in a future alert, and the user opted to not see it again, the alert will not be shown.       		 No default value

      If no suppression key is specified, the "Do not show this message again" option is not displayed. 
      --help-url

      Allows for specifying a custom URL for the alert Help button.

      Must be an https URL 

      		 No default value

      If no URL is specified, the Help button is not displayed. 

       

      Below is an example of an alert in macOS Big Sur

      Screen Shot 2020-12-10 at 11.40.19 AM

      Version

      sudo kandji version

      Displays the installed Kandji Agent version.

      Help

      sudo kandji help

      Displays help text.