While the Kandji Agent is primarily hands-off after it is installed on a Mac, a few Terminal commands are available for additional control.
Run
sudo kandji runThe agent will run and check in immediately. Normally, the agent checks in every 15 minutes. Without an internet connection, the agent will run in offline mode.
sudo kandji run --reset-dailyAdding --reset-daily to the run command will run all Parameters, including those that are run only once per day.
Run Daily MDM Inventory Update
sudo kandji update-mdmThe agent will request the MDM server to initiate its daily MDM commands, such as validating Apps & Books from Apple Business Manager, as well as querying certain device information.
Collect Apps
sudo kandji collect-appsCollects full application inventory from the Mac.
Run Library Items
sudo kandji libraryChecks for library items to execute. Available library command options:
Option | Description |
|---|---|
| List all of the library items assigned to the computer. |
| Get the current state of the Kandji Agent library manager. |
| Run a specific library item by name or library item ID; specify -F to force the execution. |
| Cancel the currently running library item and clears the current queue. |
Print Kandji Logs
sudo kandji logs --last <seconds>Prints log entries for the Kandji Agent subsystem from the unified logging system. The `--last` option is required and specifies the number of previous seconds to print logs from. Replace <seconds> with a number, like 300. (Actual results displayed are limited based on available unified log storage.)
Redirect the output of the command using > to save to an external log file.
Available logs command options:
Option | Description |
|---|---|
| Print log entries without ANSI color formatting. |
| Includes debug level logs, debug logging must be enabled prior. |
sudo log config --mode "level:debug" --subsystem io.kandji.KandjiAgentEnable debug logging.
sudo log config --mode "level:default" --subsystem io.kandji.KandjiAgentDisable debug logging.
sudo kandji logs --no-format --debug --last 10000 >~/Desktop/kandji.logExample debug logging command usage.
Avert
sudo kandji avert --list-quarantineList quarantined files.
sudo kandji avert --delete-quarantineDelete quarantined files.
Scriptable Option: Reboot
sudo kandji reboot --delaySeconds NumberOfSecondsThis option can be used in scripted workflows to force a reboot leveraging the Kandji Agent and menu bar application. It is visually similar to the reboot forced during FileVault enablement or a Managed OS upgrade.
This initiates a restart by prompting the logged-in user with a countdown timer. If no delay is specified, the default 1800 (30 minutes) will be used. If no user is logged in, the delay will be ignored, and the Mac will restart immediately.
sudo kandji reboot --no-deferral Forces a restart without giving users the option to delay.
When using the scriptable options below, such as within a Custom Script Library Item, you must use the full path to the binary: /usr/local/bin/kandji
Scriptable Option: Dock
sudo kandji dock [--add bundle identifier] [--remove bundle identifier] [--all]This option can be used in scripted workflows to add items to the end of the macOS Dock or remove items from the macOS Dock of the currently logged-in user.
The application referred to by the bundle identifier must be in the /Applications folder.
Optionally specifying the --all option adds the icon to the end of the Dock for all user accounts.
If using multiple options at a time, use a single command, and separate options using quotes and separating spaces, as shown in the example below.
/usr/local/bin/kandji dock --add "com.google.Chrome us.zoom.xos com.tinyspeck.slackmacgap"Scriptable Option: Alert
sudo kandji display-alert [--title text] [--message text] [--icon path_to_image] [--suppression-key string] [--help-url url] [--no-wait]This command can be used in scripted workflows to present an alert to users. It has several options, outlined below.
Option | Description | Default if not provided |
|---|---|---|
| Specifies a custom title for the alert window | "Alert" |
| Specifies a custom message for the alert window | No default value |
| Specifies a custom icon for the alert window. It is recommended to use .jpg, .png, or .icns files | Kandji Agent icon |
| If provided, it will show an option to the user: "Do not show this message again" If this suppression key is provided in a future alert, and the user opts not to see it again, the alert will not be shown. | No default value If no suppression key is specified, the "Do not show this message again" option is not displayed. |
| Allows for specifying a custom URL for the alert Help button. Must be an HTTPS URL | No default value If no URL is specified, the Help button is not displayed. |
| Allows the alert to show but keeps the remainder of the script running without waiting for user interaction on the alert | Alert will show and wait for interaction from the user before the script proceeds. |
Below is an example of the underlying command for an alert and the resulting experience in macOS Ventura:
sudo /usr/local/bin/kandji display-alert --title "Low Disk Space" --message "Your Mac computer's Hard Drive is running critically low on space, please contact Accuhive IT as soon as possible." --suppression-key accuhive --help-url https://kandji.io --no-wait
Submit Diagnostics
sudo kandji submit-diagnostics [--comment text]Submit Diagnostics to Kandji. Equivalent to the action menu (gear) item available in the Kandji Menu.
Option | Description | Default if not provided |
|---|---|---|
| Specifies a comment to be presented in the diagnostics | No default value |
Version
sudo kandji versionDisplay the installed Kandji Agent version.
Help
sudo kandji helpDisplay help text.