At the moment, Teramind on Mac has limited functionalities and are only supported on macOS 15 (Sequoia), macOS 14 (Sonoma), macOS 13 (Ventura), macOS 12 (Monterey), macOS 11 (Big Sur), macOS 10.15 (Catalina) and macOS 10.14 (Mojave).
To take advantage of all the supported features, please upgrade to the latest version of the software. More information about the latest version of the Agent can be found on the Release Notes section.
Summary
Currently, Teramind on Mac supports the following features:
Agent - Both the Revealed and Hidden Agents are available on Mac. Please see the Details section below.
Monitoring - Limited: Screen, Applications, Web Pages (Safari, Chrome, Edge, Brave, Firefox, Opera), File Transfers, Keystrokes, Printer, Network, and Geolocation. Please see the Details section below.
Offline Recording - Available on the Hidden/Stealth Agent. Please see the Details section below.
Behavior Policies and Rules
Limited support for Activity-based rules for: Applications, Webpages (all major browsers), Keystrokes, Files, Printing, Networking.
Limited Content Sharing rules support for Files.
OCR (fully supported).
Only the Warn, Block, Notify and Lock Out User actions are supported.
Please see the Details section below.
Behavior Alerts Reports
OCR (Optical Character Recognition) Report
Productivity Reports
Risk Report
Computers Report- Computer actions supported: enable/disable monitoring. Please see the Details section below.
System Log Report
Audit Report
View Recording and Playback - Video playback is available via the Session Player.
Remote Desktop Control - Available via the Session Player.
Configurations - Departments, Schedules, Positions, Access Control, Productivity Profiles.
Configurations > Shared Lists - Limited: Text and Regular Expressions-based shared lists are supported in Behavior Rules and Text and Network-based shared lists are supported in Monitoring Settings.
Monitoring Settings - i.e., creation of monitoring profiles, privacy settings, etc. Not all settings are available or applicable on Mac. Please see the Details section below.
The following features aren’t supported:
Behavior Policies and Rules - Agent Schedule
Emailing Monitoring
Instant Messengers Monitoring
Social Media Monitoring
Camera Usage Monitoring
Search Monitoring
Console Commands Monitoring
Audio Recording
Remote Update from the Computers page (on-premise deployments)
Automatic Agent Updates for cloud hosted customers can be enabled by request
Details
Agent
Both the Revealed and Hidden Agent are available on Mac. Check out the What is the difference between the Revealed Agent and the Hidden Agent? to learn more.
The Mac version of the Revealed/Visible Agent looks and works similar to the Windows version:
It makes it easier for the end user to adapt if they switch from one agent to another. Please check out the How to use the Revealed Agent article to learn more.
Here are a few notes about the Mac Agent:
The Agent can be installed on both Intel and M-series processors. Check out the How to download and install the Teramind Agent article to learn more.
Starting from version v0.1.230, the Agent no longer requires the Rosetta add-on.
Starting from version v0.1.238, You can uninstall the Hidden/Stealth Agent remotely from the dashboard.
The Agent supports a number of installation/configuration parameters. For more information, see the Agent Installation/Configuration Parameters (Mac) section on the agent installation article.
The Revealed Agent supports a number of launch parameters to run the agent in autonomous mode. For more information, see the Revealed Launch Parameters section on the How to use the Revealed Agent article.
Starting from version v0.1.240, you can remotely enable/disable monitoring from the Dashboard (Computers screen).
Starting from version v0.1.242, you can change the default process name ("System Monitoring") of the Agent to any name of your choice.
Monitoring
Screen
With the Screen monitoring on, you can record user desktops and view them from Monitoring Reports > Screen snapshots, from the Dashboards (e.g., Live Montage/Latest Snapshots widgets), and from anywhere you can launch the Session Player (usually by clicking the camera icon). You can also conduct OCR search and remote control the user's computer.
You can toggle the Screen monitoring on/off or configure more detailed settings from the Monitoring Settings:
At the moment, the following settings under the Monitoring Settings > are available:
RECORD LOCKED SESSIONS
ALLOW REMOTE CONTROL
MESSAGE DURING REMOTE CONTROL
MESSAGE DURING INPUT FREEZE
TRACKING DAYS AND TIME
Please check out the Monitoring Settings > Editing Screen Settings section on the User Guide to learn more about these settings.
Applications
You can monitor which apps are being used on reports such as BI Reports > Applications & Websites, on the Dashboards (e.g., Online Employees widget), etc.:
You can toggle the Applications monitoring on/off or configure more detailed settings from the Monitoring Settings:
At the moment, the following settings under the Monitoring Settings > are available:
MONITOR ONLY THESE APPLICATIONS
SUSPEND MONITORING WHEN THESE APPLICATIONS ARE USED
SUSPEND KEYSTROKE MONITORING WHEN THESE APPLICATIONS ARE USED
TRACKING DAYS AND TIME (Also known as the Monitoring Schedule)
The first three options support Text and Regular Expressions-based Shared Lists.
Please check out the Monitoring Settings > Editing Applications Settings section on the User Guide to learn more about these settings.
Websites
You can monitor web traffic including the HTTPS/TLS traffic on all major browsers (Safari, Chrome, Edge, Brave, Firefox, Opera). You can monitor which websites the users are visiting and view their activities on reports such as BI Reports > Applications & Websites, on the Dashboards (e.g., Online Employees widget), etc.:
You can toggle the Websites monitoring on/off or configure more detailed settings from the Monitoring Settings:
At the moment, the following settings under the Monitoring Settings > are available:
DON'T MONITOR WEB TRAFFIC FOR THESE IPS: You can use this option to exclude network traffic inspection for any IP address(es). Here are some additional notes about this option:
The field accepts IP addresses (e.g.,
192.11.22.33
) and IP masks (e.g.,212.23.48.33/24
) and domain names (e.g.,googl.com
,bbc.com
). Currently it doesn't support any Shared Lists or regular expressions.When the option is used, the Teramind proxy certificate ("Internet Widgits") will not be injected into the website(s) matching the IP address(es). As a result, Webpages-based rules will not work for any website(s) matching the IP address(es).
Website activities will be captured and appear on reports like the BI Reports > Applications & Websites.
Keystrokes will be captured and appear on reports like the BI Reports > Keystrokes.
TRACKING DAYS AND TIME: Also known as the Monitoring Schedule.
File Transfers
Unless you have already done so when you installed the Agent, you will have to enable a macOS permission from the Terminal to activate file transfers monitoring. To learn how to do so, please check out the following sections on the How to download and install the Teramind Agent article:
You will be able to view users' file transfer activities such as Access, Copy, Read, Write, etc. on the Users folder* (including all the sub-folders), external drives, network storage (SMB), and Cloud drives (currently, OneDrive only). You can then view the reports on the Monitoring > File Transfers, BI Reports > File Events, etc.:
You can toggle the File Transfer monitoring on/off or configure more detailed settings from the Monitoring Settings:
At the moment, the following settings under the Monitoring Settings > are available:
FILE TYPES TO TRACK
FILE EXTENSIONS LIST TO TRACK
TRACK EXTERNAL DRIVES
TRACK DOWNLOADS AND UPLOADS FROM THESE APPLICATIONS: OneDrive app only.
DO NOT MONITOR THESE LOCATIONS
TRACK THE FOLLOWING OPERATIONS (under the ADDITIONAL SETTINGS tab)
TRACKING DAYS AND TIME (Under the ADDITIONAL SETTINGS tab. This is also known as the Monitoring Schedule)
Please check out the Monitoring Settings > Editing File Transfers Settings section on the User Guide to learn more about these settings.
Here are a few things to note about the File Transfers monitoring:
Currently, only the Users folder* (including all the sub-folders), Cloud drives app (currently, OneDrive app only), external drives and network drives (SMB) can be monitored.
Currently, the following file events aren't monitored/supported:
Web Upload (except for supported Cloud drives)
Web Download (except for supported Cloud drives)
Currently, the FILE DRIVER and EXCLUDE PROCESSES FROM FILE DRIVER options on the Monitoring Settings > Advanced window aren't supported.
*The Users folder is one of the core folders on a Mac. It contains the Home folders of multiple users along with the Shared Folder. Essentially, it has all the data of individual users.
Printed Docs
You can monitor which documents are being printed by the users on reports such as BI Reports > Printing. You can also view captured documents:
You can toggle the Printed Docs monitoring on/off or configure more detailed settings from the Monitoring Settings:
At the moment, the following settings under the Monitoring Settings > are available:
MAXIMUM CAPTURE DOCUMENT SIZE (PAGES)
EXCLUDED PRINTER NAME (REGEXP)
CAPTURE ACTUAL DOCUMENT
TRACKING DAYS AND TIME (Also known as the Monitoring Schedule)
Please check out the Monitoring Settings > Editing Printed Doc / Printer Settings section on the User Guide to learn more about these settings.
Keystrokes
You can monitor keystrokes entered by the user on any app or websites on reports such as BI Reports > Keystrokes, on the Dashboards (e.g., Keystroke Log widget), etc.:
You can toggle the Keystrokes monitoring on/off or configure more detailed settings from the Monitoring Settings:
Note that:
At the moment, only the TRACKING DAYS AND TIME setting under the Monitoring Settings > is available.
Network
Unless you have already done so when you installed the Agent, you will have to enable a macOS permission from the Terminal to activate network monitoring. To learn how to do so, please check out the following sections on the How to download and install the Teramind Agent article:
You can monitor TCP/IPv4-based network connections on macOS 11 (Big Sur) and later. You will be able to see the users' network activities under the Monitoring > Network Monitoring report:
You can toggle the Network monitoring on/off or configure more detailed settings from the Monitoring Settings:
Here are a few things to note about the Network settings:
If you turn off the entire NETWORK monitoring - no certificate will be injected, no network tracking will take place, and Network-based behavior rules will not work.
If you turn off the SSL option, but leave the TRACK NETWORK CONNECTIONS option on, then packets will be intercepted back and forth, Teramind proxy certificate will not be injected.
If you turn off the TRACK NETWORK CONNECTIONS option, no network activities will be tracked. However, the Teramind proxy certificate will be injected. Websites and other network-based interceptions will work. Network-based behavior rules will work too.
The DON'T DISABLE TEREDO is not applicable to Mac. It's only used in Windows.
TRACK ONLY THESE IPS: allows you to monitor specific IP(s) only. You can enter IP addresses (e.g.,
192.168.1.22
) or use Network-based Shared Lists.DO NOT TRACK THESE IPS: does the opposite of TRACK ONLY THESE IPS.
TRACK ONLY THESE PORTS: allows you to track only certain ports. For example,
25
,443
, etc.DO NOT TRACK THESE PORTS: does the opposite of TRACK ONLY THESE PORTS.
TRACK PROCESSES - allows you to specify which network processes to track. You can use process names (e.g.,
com.apple.safari
,com.brave.browser
, etc.) or Text-based Shared Lists.
Note that TRACK ONLY THESE IPS and TRACK ONLY THESE PORTS have higher priority than the DO NOT TRACK THESE IPS and DO NOT TRACK THESE PORTS settings. For example, suppose you specified the IP 162.11.23.1 in the TRACK ONLY THESE IPS field but then used a Shared List in the DO NOT TRACK THESE IPS which also had these IPs: 162.11.23.0, 162.11.23.1, 162.11.23.2, etc. In this situation, 162.11.23.1 will be monitored (and the rest of the IPs in the Shared List will not be monitored).
Offline Recording
Available on the Mac Hidden/Stealth Agent. This can be enabled/disabled from Monitoring Settings > Monitoring profile > Offline Recording or you can configure detailed settings from its Monitoring Settings:
Note that, currently, only the following activities can be recorded offline:
Screen
Applications
Printing (Printed Docs)
Keystrokes
Please check out the Monitoring Settings > Editing Offline Recording Settings section on the User Guide to learn more about these settings.
Geolocation
Unless you have already done so when you installed the Agent, you will have to enable a macOS permission from the Terminal to activate Geolocation monitoring. To learn how to do so, please check out the following sections on the How to download and install the Teramind Agent article:
You can track users' geographic location(s) from the BI Reports > Geolocation report. You can also plot the coordinates on a map for easy visualization of the locations:
You can toggle the Geolocation monitoring on/off or configure the monitoring schedule from the Monitoring Settings:
At the moment, the following settings under the Monitoring Settings > are available:
TRACKING DAYS AND TIME (Also known as the Monitoring Schedule)
Please check out the Monitoring Settings > Editing Geolocation Settings section on the User Guide to learn more about these settings.
Behavior Policies & Rules (Activity)
Applications
Support for Applications Activity-based rules are now available.
You can create an Applications rule by clicking the the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:
Here are a few things to note:
The rule currently supports only the Application Name, Application Caption, Time Active (min), and Time Idle (min), Time Focused, Total Time Active (min), Total Time Idle (min), Time Focused (min) conditions.
Only the Block, Warn, Notify and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.
Rule violation events will be captured on the BI Reports > Behavior Alerts, Monitoring > Webpages and Applications, and other relevant reports.
Please see the Rules Guide > Activity Rules: What Activities Can You Detect? > Applications section to learn more.
Webpages
Support for Webpages Activity-based rules is now available on macOS 10.15 (Catalina) and later.
You can create a Webpages rule by clicking the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:
Here are a few things to note:
All major browsers are supported.
The rule currently supports Webpage Url, Webpage Title, Request type (not supported in Edge), Query argument name, Time Active (min), and Time Idle (min), Private Mode (Safari only) criteria only.
At the moment, the Block and Warn rule actions are supported for all the supported criteria. The Lock Out User Action is supported for rules using the Webpage Title criterion. The Notify action is supported for Webpage Url and Webpage Title criteria. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.
You will be able to view the rule violation events on the BI Reports > Behavior Alerts report.
Please see the Rules Guide > Activity Rules: What Activities Can You Detect? > Webpages section to learn more.
Printing
Support for the Printing Activity-based rules are now available.
You can create a Printing rule by clicking the the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:
Here are a few things to note:
The rule currently supports all the conditions: Number of Pages, Document Name, and Printer Name.
Only the Block, Warn, Notify and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.
Rule violation events will be captured on the BI Reports > Behavior Alerts, Monitoring > Printing, and other relevant reports.
Please see the Rules Guide > Activity Rules: What Activities Can You Detect? > Printing section to learn more.
Keystrokes
Support for the Keystrokes Activity-based rules are now available.
You can create a Keystrokes rule by clicking the the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:
Here are a few things to note:
The rule currently supports the Text Typed, Word Typed, and the Application Name conditions.
Regular expressions are supported.
Only the Block, Warn, Notify and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.
Rule violation events will be captured on the BI Reports > Behavior Alerts, Monitoring > Keystrokes, and other relevant reports.
Please see the Rules Guide > Activity Rules: What Activities Can You Detect? > Keystrokes section to learn more.
Files
Support for Files-based Activity rules is available for select operations such as Access, Copy, Rename, etc. You can create a Files rule by clicking the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:
Here are a few things to note:
The rule currently supports the following File Operation conditions: Access, Copy, Write, Rename, and Delete).
Program conditions: Contains and Equals.
File Path conditions: Contains and Equals.
Drive conditions: All drives and All external drives.
Only the Block, Warn, and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.
Please see the Rules Guide >Activity Rules: What Activities Can You Detect? > Files section to learn more.
Networking
Support for Networking Activity-based rules is now available on macOS 11 (Big Sur) and later.
You can create a Networking rule by clicking the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:
Here are a few things to note:
This feature isn't available on macOS 10.15 (Catalina) or older versions.
The rule currently supports Application Name, Remote Host, Remote Port, Bytes Sent, and Bytes Received conditions.
Only the Block, Warn, Notify and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.
You will be able to view the rule violation events on the BI Reports > Behavior Alerts report.
Please see the Rules Guide >Activity Rules: What Activities Can You Detect? > Networking section to learn more.
OCR
Support for OCR Activity-based rules is fully supported.
Please see the Rules Guide >Activity Rules: What Activities Can You Detect? > OCR section to learn more.
Behavior Policies & Rules (Content Sharing)
Files
Support for Files-based Content Sharing rules are now available.
You can create a Files Content Sharing rule by clicking the the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:
Here are a few things to note:
Only the Content Data content and Content Type TEXT is supported.
All file operations such as Access, Write, Copy, etc. are supported.
Check out the Content Tab and Files sections under Content Sharing Rules: What Contents Trigger the Rules (Windows)? on the Rules Guide for more information.
Computers
You can now enable/disable monitoring from the Computers (via the Action Menu) or from the Computer's Details screen:
To enable/disable monitoring for multiple computers:
On the Computers screen, click the check marks in front of the computer names to select computers.
Click the Select action menu on the top-left corner and select the Enable Monitoring or the Disable Monitoring option from the drop-down menu.
The Monitored column will show the current monitoring status of the computer(s).
On the Revealed Agent, the user will not be able to log in if you disable the monitoring. If they are already logged in, they will be logged out immediately.
To enable/disable monitoring for a single computer:
Click on a computer's name from the Computers screen. It will take you to the Computer's Details screen:
Click the Monitor computer toggle button on the left to turn monitoring on/off.