Recent Searches

    Popular Articles

    Articles
    View all
      Topics
      View all
        Tickets
        View all
          no results

          Sorry! nothing found for

          Kandji Agent Command Line Interface

          By Jonathan Connor

          Learn how to interact with the Kandji Agent using its Command Line Interface (CLI)

          While Kandji Agent is primarily hands-off after it is installed on a Mac, a few Terminal commands are available.

          Run

          sudo kandji run

          The agent will run and check in immediately. Normally, the agent checks in every 15 minutes. Without an internet connection, the agent will run in offline mode.

          sudo kandji run --reset-daily
          Adding --reset-daily to the run command will run all Parameters, including those that are run only once per day.

          Run Daily MDM Inventory Update

          sudo kandji update-mdm

          The agent will request the MDM server to initiate its daily MDM commands, such as validating Apps & Books from Apple Business Manager, as well as querying certain device information.

          Collect Apps

          sudo kandji collect-apps

          Collects full application inventory from the Mac.

          Run Library Items 

          sudo kandji library

          Checks for library items to execute. Available library command options:

          OptionDescription
          --listList all of the library items assigned to the computer.

          --state

          		Get the current state of the Kandji Agent library manager.

          --item

          		Run a specific library item by name or library item ID; specify -F to force the execution. 

          --cancel

          		Cancel the currently running library item and clears the current queue. 

          Print Kandji Logs

          sudo kandji logs --last <seconds>

          Prints log entries for the Kandji Agent subsystem from the unified logging system. The `--last` option is required and specifies the number of previous seconds to print logs from. Replace <seconds> with a number, like 300. (Actual results displayed are limited based on available unified log storage.)

          Redirect the output of the command using > to save to an external log file.


          Available logs command options:

          OptionDescription
          --no-formatPrint log entries without ANSI color formating. 

          --debug

          Includes debug level logs, debug logging must be enabled prior. 


          Debug logging can be enabled by running: 

          sudo log config --mode "level:debug" --subsystem io.kandji.KandjiAgent

          Debug logging can be disabled by running:

          sudo log config --mode "level:default" --subsystem io.kandji.KandjiAgent

          Example command usage:

          sudo kandji logs --no-format --debug --last 10000 >~/Desktop/kandji.log


          Please note that when using the scriptable options below, such as within a custom script item, it is best practice to use the full path to the binary file:

/usr/local/bin/kandji

          Scriptable Option: Reboot

          sudo kandji reboot --delaySeconds NumberOfSeconds

          This option can be used in scripted workflows to force a reboot leveraging the Kandji Agent and menu bar application. It is visually similar to the reboot forced during FileVault enablement or a Managed OS upgrade.

          Initiates a restart by prompting the logged-in user with a countdown timer. If no delay is specified, the default 1800 (30 minutes) will be used. If no user is logged in, the delay will be ignored and the Mac will restart immediately.

          Scriptable Option: Dock

          sudo kandji dock [--add bundle identifier] [--remove bundle identifier] [--all]

          This option can be used in scripted workflows to add items to the end of the macOS Dock or remove items from the macOS dock of the currently logged-in user.

          The application referred to by the bundle identifier must be in the /Applications folder. 

          Optionally specifying the --all option adds the icon to the end of the Dock for all user accounts. 

          Scriptable Option: Alert

          sudo kandji display-alert [--title text] [--message text] [--icon path_to_image] [--suppression-key string] [--help-url url]

          This command can be used in scripted workflows to present an alert to users. It has several options, outlined below.

          OptionDescriptionDefault if not provided
          --titleSpecifies a custom title for the alert window"Alert"

          --message

          		Specifies a custom message for the alert windowNo default value

          --icon

          		Specifies a custom icon for the alert windowKandji Agent icon

          --suppression-key

          		If provided, will show an option to the user: "Do not show this message again"

          If this suppression key is provided in a future alert, and the user opted to not see it again, the alert will not be shown.           		No default value

          If no suppression key is specified, the "Do not show this message again" option is not displayed. 
          --help-url

          Allows for specifying a custom URL for the alert Help button.

          Must be an https URL 

          		No default value

          If no URL is specified, the Help button is not displayed. 

          Below is an example of an alert in macOS Big Sur

          Version

          sudo kandji version

          Displays the installed Kandji Agent version.

          Help

          sudo kandji help

          Displays help text.

          Preview
          0 of 0