Hi all, what would be the best way of going about “linking” a user (read: person) to their device, as it appears in the result logs? We could have an external list of users and their device UUIDs, then get the UUID in the osquery decorators, but ideally we’d want something less manual than keeping a separate ledger

osquery can pull the device serial, which you can link to your asset management system

We do this in our SaaS product. The user/device association stuff has been super valuable to people, and surprisingly hard.

Yes, it does seem difficult. I think what we’ll do is have the user complete a form to download launcher, such that we can collect the link information there, a bit like (I assume) you do in the SaaS, since the user is logged in at time of package download

For us, that request comes through slack. We do some trickery to make it all work. Given apple's notarization time, we can't build on demand.

Hmm yeah, it did cross my mind of potentially getting something like an email from the launcher installer, but seems a bit a hacky

The launcher installer has some magic to support this. It’s alluded to in the https://github.com/kolide/launcher/pull/530 ( feel like i”m dangling carrots here)

I’ve tried the SaaS and it’s great, but we have a requirement of only using open source, don’t worry I did say “hey look this does what we want” haha

That’s an interesting requirement. Can you say more about what drives it?

Yes, some of the agents we are deploying will be to “non-employees” i.e. contractors, associates (should they agree/accept privacy terms), and so it’s sort of a security/trust measure

There’s functionality in k2 to handle that — some devices can be marked as private, which exposes vastly less to the admins. . Ultimately, one has to trust Kolide won’t change operations, but we have a pretty strong commitment there.