All Collections
FAQ
Teramind Agent
What features are supported on Mac?
What features are supported on Mac?
A
Written by Arick Disilva
Updated today

At the moment, Teramind on Mac has limited functionalities and are only supported on macOS 14 (Sonoma), macOS 13 (Ventura), macOS 12 (Monterey), macOS 11 (Big Sur), macOS 10.15 (Catalina) and macOS 10.14 (Mojave).

To take advantage of all the supported features, please upgrade to the latest version of the software. More information about the latest version of the Agent can be found on the Release Notes section.

Summary

Currently, Teramind on Mac supports the following features:

  • Agent - Both the Revealed and Hidden Agents are available on Mac. Please see the Details section below.

  • Monitoring - Limited: Screen, Applications, Web Pages (Safari, Chrome, Brave, Firefox, Opera), File Transfers, Keystrokes, Printer, Network, and Geolocation. Please see the Details section below.

  • Offline Recording - Available on the Hidden/Stealth Agent. Please see the Details section below.

  • Behavior Policies and Rules - Limited support for Activity-based rules for: Applications, Webpages (all major browsers), Keystrokes, Files, Printing, Networking. Only the Warn, Block, Notify and Lock Out User actions are supported. Please see the Details section below.

  • OCR (Optical Character Recognition) Report

  • Alerts Reports

  • Productivity Reports

  • Computers Report- Computer actions supported: enable/disable monitoring. Please see the Details section below.

  • System Log Report

  • Audit Report

  • View Recording and Playback - Video playback is available via the Session Player.

  • Remote Desktop Control - Available via the Session Player.

  • Configurations - Departments, Schedules, Positions, Access Control, Productivity Profiles.

  • Configurations > Shared Lists - Limited: Text and Regular Expressions-based shared lists are supported in Behavior Rules and Text and Network-based shared lists are supported in Monitoring Settings.

  • Monitoring Settings - i.e., creation of monitoring profiles, privacy settings etc. Not all settings are available or applicable on Mac. Please see the Details section below.

The following features aren’t supported:

  • Console Commands Monitoring

  • Emailing Monitoring

  • Instant Messengers Monitoring

  • Social Media Monitoring

  • Camera Usage Monitoring

  • Search Monitoring

  • Audio Recording

  • Risk Analysis

Details

Agent

mceclip6.png
  • It makes it easier for the end user to adapt if they switch from one agent to another. Please check out the How to use the Revealed Agent to learn more.

Here are a few notes about the Mac Agent:

  1. The Agent can be installed on both Intel and M1-based Macs. Check out the How to download and install the Teramind Agent to learn more.

  2. Starting from version 230, the Agent no longer requires the Rosetta add-on.

  3. Starting from version 238, You can uninstall the Hidden/Stealth Agent remotely from the dashboard.

  4. The Agent supports a number of installation/configuration parameters. For more information, see the Agent Installation/Configuration Parameters (Mac) section on the agent installation article.

  5. The Revealed Agent supports a number of launch parameters to run the agent in autonomous mode. For more information, see the Revealed Launch Parameters section on the How to use the Revealed Agent article.

  6. Starting from version 240, you can remotely enable/disable monitoring from the Dashboard (Computers screen).

  7. Starting from version 232, you can change the default process name ("System Monitoring") of the Agent to any name of your choice. For more information, please check out the release note.

Monitoring

Screen

With the Screen monitoring on, you can record user desktops and view them from the Monitoring Reports > Screen snapshots, from the Dashboards (e.g., Live Montage/Latest Snapshots widgets), and from anywhere you can launch the Session Player (by usually clicking the camera icon). You can also conduct OCR search and remote control the user's computer.

mceclip2.png

You can toggle the Screen monitoring on/off or configure more detailed settings from the Monitoring Settings:

mceclip2.png
mceclip3.png

At the moment, the following settings under the Monitoring Settings > are available:

  • RECORD LOCKED SESSIONS

  • ALLOW REMOTE CONTROL

  • MESSAGE DURING REMOTE CONTROL

  • MESSAGE DURING INPUT FREEZE

  • TRACKING DAYS AND TIME

Please check out the Monitoring Settings > Editing Screen Settings section on the User Guide to learn more about these settings.

Applications

You can monitor which apps are being used on reports such as BI Reports > Applications & Websites, on the Dashboards (e.g., Online Employees widget), etc.:

mceclip0.png

You can toggle the Applications monitoring on/off or configure more detailed settings from the Monitoring Settings:

mceclip0.png
mceclip1.png

At the moment, the following settings under the Monitoring Settings > are available:

  • MONITOR ONLY THESE APPLICATIONS

  • SUSPEND MONITORING WHEN THESE APPLICATIONS ARE USED

  • SUSPEND KEYSTROKE MONITORING WHEN THESE APPLICATIONS ARE USED

  • TRACKING DAYS AND TIME (Also know as the Monitoring Schedule)

The first three options support Text and Regular Expressions-based Shared Lists.

Please check out the Monitoring Settings > Editing Applications Settings section on the User Guide to learn more about these settings.

Websites

You can monitor web traffic including the HTTPS/TLS traffic on all major browsers (Safari, Chrome, Brave, Firefox, Opera). You can monitor which websites the users are visiting and view their activities on reports such as BI Reports > Applications & Websites, on the Dashboards (e.g., Online Employees widget), etc.:

mceclip0.png

You can toggle the Websites monitoring on/off or configure more detailed settings from the Monitoring Settings:

At the moment, the following settings under the Monitoring Settings > are available:

  • DON'T MONITOR WEB TRAFFIC FOR THESE IPS: You can use this option to exclude network traffic inspection for any IP address(es). Here are some additional notes about this option:

    • The field accepts IP addresses (e.g., 192.11.22.33) and IP masks (e.g., 212.23.48.33/24) and Network-based Shared Lists. Currently it doesn't support any domain names, regular expressions or Text-based Shared Lists.

    • When the option is used, Teramind proxy certificate ("Internet Widgits") will not be injected into the website(s) matching the IP address(es). As a result, Webpages-based rules will not work for any website(s) matching the IP address(es).

    • Website activities will be captured and appear on reports like the BI Reports > Applications & Websites.

    • Keystrokes will be captured and appear on reports like the BI Reports > Keystrokes.

  • TRACKING DAYS AND TIME: Also know as the Monitoring Schedule.

File Transfers

Unless you have already done so when you installed the Agent, you will have to enable a macOS permission from the Terminal to activate file transfers monitoring. To learn how to do so, please check out the following sections on the How to download and install the Teramind Agent article:

You will be able to view users' file transfer activities such as Access, Copy, Read, Write, etc. on the Users folder* (including all the sub-folders), external drives, network storage (SMB), and Cloud drives (currently, OneDrive only). You can then view the reports on the Monitoring > File Transfers, BI Reports > File Events, etc.:

You can toggle the File Transfer monitoring on/off or configure more detailed settings from the Monitoring Settings:

At the moment, the following settings under the Monitoring Settings > are available:

  • FILE TYPES TO TRACK

  • FILE EXTENSIONS LIST TO TRACK

  • TRACK EXTERNAL DRIVES

  • TRACK DOWNLOADS AND UPLOADS FROM THESE APPLICATIONS: OneDrive app only.

  • DO NOT MONITOR THESE LOCATIONS

  • TRACK THE FOLLOWING OPERATIONS (under the ADDITIONAL SETTINGS tab)

  • TRACKING DAYS AND TIME (Under the ADDITIONAL SETTINGS tab. This is also know as the Monitoring Schedule)

Please check out the Monitoring Settings > Editing File Transfers Settings section on the User Guide to learn more about these settings.

Here are a few things to note about the File Transfers monitoring:

  • Currently, only the Users folder* (including all the sub-folders), Cloud drives app (currently, OneDrive app only), external drives and network drives (SMB) can be monitored.

  • Currently, the following file events aren't monitored/supported:

    • Web Upload (except for supported Cloud drives)

    • Web Download (except for supported Cloud drives)

  • Currently, the FILE DRIVER and EXCLUDE PROCESSES FROM FILE DRIVER options on the Monitoring Settings > Advanced window aren't supported.

*The Users folder is one of the core folders on a Mac. It contains the Home folders of multiple users along with the Shared Folder. Essentially, it has all the data of individual users.

users folder.png

Printed Docs

You can monitor which documents are being printer by the users on reports such as BI Reports > Printing. You can also view captured documents:

mceclip8.png

You can toggle the Printed Docs monitoring on/off or configure more detailed settings from the Monitoring Settings:

mceclip6.png
mceclip9.png

At the moment, the following settings under the Monitoring Settings > are available:

  • MAXIMUM CAPTURE DOCUMENT SIZE (PAGES)

  • EXCLUDED PRINTER NAME (REGEXP)

  • CAPTURE ACTUAL DOCUMENT

  • TRACKING DAYS AND TIME (Also know as the Monitoring Schedule)

Please check out the Monitoring Settings > Editing Printed Doc / Printer Settings section on the User Guide to learn more about these settings.

Keystrokes

You can monitor keystrokes entered by the user on any app or websites on reports such as BI Reports > Keystrokes, on the Dashboards (e.g., Keystroke Log widget), etc.:

mceclip3.png

You can toggle the Keystrokes monitoring on/off or configure more detailed settings from the Monitoring Settings:

mceclip4.png

Note that:

  • At the moment, only the TRACKING DAYS AND TIME setting under the Monitoring Settings > is available.

Network

Unless you have already done so when you installed the Agent, you will have to enable a macOS permission from the Terminal to activate network monitoring. To learn how to do so, please check out the following sections on the How to download and install the Teramind Agent article:

You can monitor TCP/IPv4-based network connections on macOS 11 (Big Sur) and later. You will be able to see the users' network activities under the Monitoring > Network Monitoring report:

mceclip2.png

You can toggle the Network monitoring on/off or configure more detailed settings from the Monitoring Settings:

Here are a few things to note about the Network settings:

  1. If you turn off the entire NETWORK monitoring - no certificate will be injected, no network tracking will take place, and Network-based behavior rules will not work.

  2. If you turn off the SSL option, but leave the TRACK NETWORK CONNECTIONS option on, then packets will be intercepted back and forth, Teramind proxy certificate will not be injected.

  3. If you turn off the TRACK NETWORK CONNECTIONS option, no network activities will be tracked. However, the Teramind proxy certificate will be injected. Websites and other network-based interceptions will work. Network-based behavior rules will work too.

  4. The DON'T DISABLE TEREDO is not applicable to Mac. It's only used in Windows.

  5. TRACK ONLY THESE IPS: allows you to monitor specific IP(s) only. You can enter IP addresses (e.g., 192.168.1.22) or use Network-based Shared Lists.

  6. DO NOT TRACK THESE IPS: does the opposite of TRACK ONLY THESE IPS.

  7. TRACK ONLY THESE PORTS: allows you to track only certain ports. For example, 25, 443, etc.

  8. DO NOT TRACK THESE PORTS: does the opposite of TRACK ONLY THESE PORTS.

  9. TRACK PROCESSES - allows you to specify which network processes to track. You can use process names (e.g., com.apple.safari, com.brave.browser, etc.) or Text-based Shared Lists.

Note that TRACK ONLY THESE IPS and TRACK ONLY THESE PORTS have higher priority than the DO NOT TRACK THESE IPS and DO NOT TRACK THESE PORTS settings. For example, suppose you specified the IP 162.11.23.1 in the TRACK ONLY THESE IPS field but then used a Shared List in the DO NOT TRACK THESE IPS which also had these IPs: 162.11.23.0, 162.11.23.1, 162.11.23.2, etc. In this situation, 162.11.23.1 will be monitored (and the rest of the IPs in the Shared List will not be monitored).

Offline Recording

Available on the Mac Hidden/Stealth Agent. This can be enabled/disabled from Monitoring Settings > Monitoring profile > Offline Recording or you can configure detailed settings from its Monitoring Settings:

Note that, currently, only the following activities can be recorded offline:

  • Screen

  • Applications

  • Printing (Printed Docs)

  • Keystrokes

Please check out the Monitoring Settings > Editing Offline Recording Settings section on the User Guide to learn more about these settings.

Geolocation

Unless you have already done so when you installed the Agent, you will have to enable a macOS permission from the Terminal to activate Geolocation monitoring. To learn how to do so, please check out the following sections on the How to download and install the Teramind Agent article:

You can track users' geolocations from the BI Reports > Geolocation report. You can also plot the coordinates on a map for easy visualization of the locations:

You can toggle the Geolocation monitoring on/off or configure the monitoring schedule from the Monitoring Settings:

At the moment, the following settings under the Monitoring Settings > are available:

Please check out the Monitoring Settings > Editing Geolocation Settings section on the User Guide to learn more about these settings.

Behavior Policies & Rules

Applications

Support for the Applications Activity-based rules are now available.

You can create a Applications rule by clicking the the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

Here are a few things to note:

  • The rule currently supports only the Application Name, Application Caption and the Time Active (min) conditions.

  • Only the Block, Warn, Notify and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.

  • Rule violation events will be captured on the BI Reports > Behavior Alerts, Monitoring > Webpages and Applications and other relevant reports.

Webpages

Support for the Webpages Activity-based rules is now available on macOS 10.15 (Catalina) and later.

You can create a Webpages rule by clicking the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

Here are a few things to note:

  • All major browsers are supported.

  • The rule currently supports Webpage Url, Webpage Title, Request type and Query argument name criteria only.

  • At the moment, the Block and Warn rule actions are supported for all the supported criteria. Lock Out User Action is supported for rules using the Webpage Title criterion. Notify action is supported for Webpage Url and Webpage Title criteria. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.

  • You will be able to view the rule violation events on the BI Reports > Behavior Alerts report.

Printing

Support for the Printing Activity-based rules are now available.

You can create a Printing rule by clicking the the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

mceclip1.png

Here are a few things to note:

  • The rule currently supports all the conditions: Number of Pages, Document Name, and Printer Name.

  • Only the Block, Warn, Notify and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.

  • Rule violation events will be captured on the BI Reports > Behavior Alerts, Monitoring > Printing and other relevant reports.

Keystrokes

Support for the Keystrokes Activity-based rules are now available.

You can create a Keystrokes rule by clicking the the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

mceclip4.png

Here are a few things to note:

  • The rule currently supports the Text Typed, Word Typed, and the Application Name conditions.

  • Regular expressions are supported.

  • Only the Block, Warn, Notify and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.

  • Rule violation events will be captured on the BI Reports > Behavior Alerts, Monitoring > Keystrokes and other relevant reports.

Files

Support for Files-based Activity rules is available for select operations such as Access, Copy, Rename, etc. You can create a Files rule by clicking the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

Here are a few things to note:

  • The rule currently supports the following File Operation conditions: Access, Copy, Write, Rename, and Delete).

  • Program conditions: Contains and Equals.

  • File Path conditions: Contains and Equals.

  • Drive conditions: All drives and All external drives.

  • Only the Block, Warn, and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.

Networking

Support for the Networking Activity-based rules is now available on macOS 11 (Big Sur) and later.

You can create a Networking rule by clicking the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

mceclip3.png

Here are a few things to note:

  • This feature isn't available on macOS 10.15 (Catalina) or older versions.

  • The rule currently supports Application Name, Remote Host, Remote Port, Bytes Sent and Bytes Received conditions.

  • Only the Block, Warn, Notify and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.

  • You will be able to view the rule violation events on the BI Reports > Behavior Alerts report.

Computers

You can now enable/disable monitoring from the Computers (via the Action Menu) or from the Computer's Details screen:

To enable/disable monitoring for multiple computers:

On the Computers screen, click the check marks in front of the computer names to select computers.

Click the Select action menu on the top-left corner and select the Enable Monitoring or the Disable Monitoring option from the drop-down menu.

The Monitored column will show the current monitoring status of the computer(s).

On the Revealed Agent, the user will not be able to log in if you disable the monitoring. If they are already logged in, they will be logged out immediately.

To enable/disable monitoring for a single computer:

Click on a computer's name from the Computers screen. It will take you to the Computer's Details screen:

Click the Monitor computer toggle button on the left to turn monitoring on/off.

Did this answer your question?