Prism

By Emalee Firestein

What is Prism?

Prism is Kandji’s tool for viewing a large array of data about the devices in your fleet. Prism provides a centralized interface and a set of APIs to query this data in aggregate without inspecting individual devices.

With Prism, this data is automatically collected for you regularly and can be accessed anytime. Additionally, by leveraging data exports or the API, you can bring data into external tools and services from a simple spreadsheet to a data warehouse.


Available categories

Prism currently exposes the following categories of data. Note that attribute locations and category names are subject to change during the Preview phase.

  • Devices: General information about your enrolled devices–this section will eventually replace the main devices page within Kandji. 
  • Activation Lock: Activation lock details and status across iOS, iPadOS, and macOS devices. 
  • Application Firewall: Information about the status of the built-in macOS application firewall. This category does not include firewall exceptions. These will be available at a later time in their own category. 
  • Apps: Application inventory across your macOS and iOS device fleet.
  • Desktop & Screensaver: Desktop and screensaver configuration for macOS devices.
  • FileVault: FileVault status on macOS devices. 
  • Gatekeeper & XProtect: Gatekeeper and XProtect version and status information on macOS clients. Gatekeeper exceptions will be coming as a separate category. 
  • Installed Profiles: All installed profiles across all device types, including profiles not installed by Kandji. 
  • Kernel Extensions: All installed kernel extensions and their status for macOS devices. 
  • Launch Agents & Daemons: All launch daemons and launch agents and their status for macOS devices. 
  • Local Users: All local users for macOS devices. 
  • Startup Settings: Information such as System Integrity Protection (SIP) status, Sealed System Volume (SSV) status, and other core security settings for macOS. 
  • System Extensions: All installed system extensions and their status for macOS devices. 
  • Transparency Database: All Transparency, Consent, and Control/Privacy Preferences Policy Control (TCC/PPPC) exceptions for macOS devices.


Overview

Learn how to interact with Prism, query data, manage table views, and more. 

  1. The Prism tab

    • This is the new tabbed navigation layout to switch between the Devices and Prism pages of the Devices section in Kandji. Clicking Prism will open the Prism tab. 

  2. Global filters

    • The Edit view button allows you to filter the available categories and the results within all categories based on Blueprint or device family. For example, you may want to show only iOS devices within the All Employees Blueprint.

    • This global filter affects all categories. Some categories may become grayed out if they are not applicable to the filtered platform. For example, FileVault becomes grayed out if you select the global filter for iOS devices.

  3. Collapse sidebar

    • This button hides or unhides the prism category sidebar, allowing you to have a larger display area for the table. Additionally, you can hide the main Kandji sidebar to get an even larger display area. 

  4.  Column selector

    • When clicked, the column selector will open the column selection dialog. This modal dialog allows you to select what specific attributes you want visible in the table for the current category.

    • Within the column editor shown below, you can perform the following:

      1. Search for a specific attribute if you have a specific attribute in mind.

      2. Close the modal without saving changes, can also be done via cancel.

      3. Reset the category view to the Kandji default.

      4. Add an individual attribute to the table.

      5. Remove an attribute from the displayed table.

      6. Apply and save the changes.

      7. Additionally, you can drag and drop attributes to reorder the view.


  5. CSV export

    • The CSV export button allows you to export the entire contents of the category you are viewing, you can choose whether to include the currently displayed columns or all attributes of the category.

  6. Add filters

    • The Add Filter button, allows you to filter the results of the table based on the value of any attribute within the category. For example, within the FileVault category, you may want to create a filter that shows you where FileVault is ON but Kandji does not yet have the FileVault Recovery Key escrowed. This will show your devices where the user is ignoring the regeneration request in the Kandji menu bar app.
       

  7. Pagination controls

    • The pagination controls will allow you to page through a category. 

Attribute Values

It's important to understand the possible values for individual attributes within Prism. 

A single attribute may

  • Have a value

    • Boolean (true/false, yes/no, on/off), strings, numeric values, etc.

  • May have an empty value (for attributes that return an empty value)

    • For example, a launch daemon that doesn’t have any program arguments

  • May be null, especially if not applicable to the device platform

    • For example, application signature on iOS devices, because Apple does not expose application signing information over the MDM protocol 

Cross-Category Shared Attributes

You will notice that some attributes are present in each Prism category. 

  • Device

    • The name of the enrolled device–links to the device record

  • Assigned User

    • The assigned user of the device record–links to the user record

  • Blueprint

    • The assigned Blueprint for the device–links to the Blueprint record

  • Last Collected

    • The last timestamp at which the data was collected

  • Last Changed

    • The last timestamp at which the data was collected and the values mutated from their previous state. For example, FileVault status was collected and has toggled to On. 


Collection frequency

Collection frequency depends on the category and method in which we collect the data. 

Category 

Source

Collection Frequency

Compatibility 

Devices

Agent/MDM

24 Hours

All device families

Activation Lock

MDM

24 Hours

iOS, iPadOS, macOS

Application Firewall

Agent/MDM

15 Minutes / 24 Hours

macOS

Apps

Agent/MDM

24 hours for iOS/iPadOS/tvOS, near-instant for macOS. 

All device families

Desktop & Screensaver

Agent

15 Minutes

macOS

FileVault

Agent/MDM

15 Minutes

macOS

Gatekeeper & XProtect

Agent

15 Minutes

macOS

Installed Profiles

MDM

24 Hours

All device families 

Kernel Extensions

Agent

15 Minutes

macOS

Launch Agents & Daemons

Agent

15 Minutes

macOS

Local Users

Agent

Hourly

macOS

Startup Settings

MDM

24 Hours

macOS

System Extensions

Agent

15 Minutes

macOS

Transparency Database

Agent

15 Minutes

macOS


API

Prism was designed with an ‘API-first’ approach. Everything you can do via the web application is achievable from day one through the Kandji API.

With the Prism API, you can programmatically:

  • Query any individual category with any subset of filters

  • Request a CSV export of any category and retrieve the result set asynchronously 

You can find the permissions for Prism API access in the API permissions UI in the Kandji Web App under Settings > Access. These permissions are not turned on by default for existing API tokens.