Updates

The PanSift agent 0.6.9 has been updated to address the macOS 15.3 (Sequoia) SSID name redaction. Even "sudo wdutil info" is now redacting the SSID name (not just the BSSID). We've had to adapt again to this, but thankfully the SSID is still available elsewhere.

Candidate installer file (v0.6.9): https://pansift.com/dl/candidate_pkg <-- click, check "Downloads", and then open!

The PanSift agent 0.6.8 has been updated to be compatible with macOS 15.x (Sequoia) betas, although we're still waiting for Apple to make a Privacy Preferences Policy Control (PPPC) Profile or keys available that don't prompt the user for local network access during installation.

Upgrade file (v0.6.8): https://pansift.com/dl/latest_pkg <-- click, check "Downloads", and then open!

The PanSift agent 0.6.7 now uses "sudo wdutil info" for macOS 14.4 and above (older macOS will still use the airport CLI tool). This new approach with "wdutil" is the first time the agent requires any elevated user privileges, and as such, the installer now adds a dedicated file called "pansift" to the directory "/etc/sudoers.d". This allows the targeted user account *only* to explicitly run "wdutil info" as part of the agent's stats collection. We do not enable arbitrary wdutil commands, just "wdutil info", and only for the user account logged in during install.

This means we can continue to get metrics such as MCS, number of spatial streams, and country code, but we can also restore information regarding the connected AP(Access Point) BSSID and OEM vendor. The "pansift" sudoers file is removed during uninstallation. It is viewable on macOS machines at "/etc/sudoers.d/pansift". We welcome all and any feedback as we strive to provide insights and make the invisible visible.

Upgrade file (v0.6.7): https://pansift.com/dl/latest_pkg <-- click, check "Downloads", and then open!

We are working on a newer agent to replace the current version 0.6.5 due to the deprecation of the airport command line utility in macOS 14.4. PanSift made heavy use of this utility to get specific Wi-Fi data and metrics. We already use a mix of utilities to get this data but need to adapt to this deprecation. This may mean having to utilize some higher privileged command levels and native APIs/SDK. Note: We had hoped to always run PanSift with the most minimal permission set, but Apple is making this harder ;)

The PanSift web application receives daily/weekly deployments for features, tweaks, and fixes. Code moves from local to staging to main (production) via our CI/CD pipeline built on Github Actions. The latest PR (Pull Request) and associated deployment address a long-standing creeping memory utilization issue (which was being intermittently masked by deployments and phased-restarts!).

We've upgraded from Ruby 3.0.1 to 3.0.6 with jemalloc to address better memory management and leaks. This updated ruby version also addresses the latest security updates for the 3.0.x train. The puma gem has also moved from 5.4.0 to 5.6.7 with additional fixes and optimizations. Additionally, work was performed to more cleanly complete and close remote API calls made using the influxdb-client-ruby gem (used extensively for our real-time graphs, reports, and insights). 

Note: In future, we will move to the Ruby 3.1.X train, but it currently has too many breaking changes due to issues with the pysch gem and other problematic dependencies. We also don't normally post web application updates here unless they are substantial features or notable fixes...  happy troubleshooting!

A delayed announcement, but Reports is now live for buckets (based upon your chosen SLE's and tolerances).

Note: Also, the agent binary is now v0.6.1 with some minor bugfixes and tweaks (like additional WLAN states and OSX version nuances). Please update your agents to the latest version v0.6.1 

Please update your agents to the latest version v0.5.9.  Fixes for the telegraf M1 binary depending upon architecture (the PS agent was always cross-compiled. However, telegraf would have previously only worked if Rosetta was already installed whereby now telegraf works by default by selecting the correct binary). Also, tweaks for scripts relating to 802.11ax and better tagging.