Pansift: Rapid find and fix for network and system issues, remotely. Better support for your team, tribe, or family. Stay connected and sane.
PanSift is a macOS troubleshooting and monitoring tool with a focus on the network. It is for those who support others remotely and enables them to rapidly find and fix issues (especially WiFi related). Whether you are a family member doing Zoom calls, a developer, a salesperson, or a gamer - few can afford to be disconnected, interrupted, or slowed down. Pansift makes the invisible visible for a quick fix.
PanSift is about helping clients and teams avoid stress and stay productive by helping to optimize their tools and networks. It’s about saving you time, maintaining your and other’s situational awareness, and getting to root causes quickly, easily, and remotely (even for historical issues!). Whether it’s WiFi, DNS, IPv4, IPv6, or HTTP issues - PanSift allows you to keep an eye on multiple remote machines (just like server monitoring) only with a lighter, heavily wireless-focused, and user-friendly agent. More info: https://pansift.com
See status.pansift.com for live operational status.
While logged in as a user, download the Pansift PKG and run it.
You can then claim your agent from the agent’s user interface options in your Mac’s menubar (under “PS”) or do so manually via the web application (using the agent’s bucket UUID code). Claiming will require you to sign up for an account at https://pansift.com to view your agent’s data and insights. Happy troubleshooting!
Unattended installs assume that an orchestration or MDM (Mobile Device Management) platform is available to you. It also assumes command line and/or custom scripting access within a user’s valid session and context (i.e. the targeted user on the machine). This approach also assumes you have paid for > 2 agents and want minimal interaction with the user(s) or endpoint(s) for provisioning.
For paid accounts (i.e. > 2 agents) please contact support to have a commercial multi-agent bucket pre-prepared for you in advance (otherwise each agent will get its own bucket on the free platform and lots of individual bucket UUIDs will need to be communicated and claimed individually). We are working to simplify and automate this process.
This method is required to prevent the ZTP (Zero Touch Provisioning) process from running. It involves pre-staging the agent configuration and is required before running any PKG installer. It also means you must specify custom settings in a pre-install script in advance of any other steps or scripted PKG installs. This ensures that agents will report to your specific nominated bucket from the outset.
Automatic provisioning requires amending portions of the unattended_preinstall.sh script and running it on remote machines before installing the PKG file. You must customize 3 configuration items (
Buckets form one boundary for account-based reads and agent writes. Buckets also define the test host records used by DNS, HTTP, and traces for all agents in that bucket. Please consider what agents you want to report in to what buckets. Multiagent buckets allow you to administer a group of agents rather than the default 1-1 agent to bucket mapping.
You must run the script
unattended_preinstall.shscript as root. It then switches (when necessary) to the logged in user (i.e. the one you presumably wish to target).
Note: You can also pre-stage fully populated pansift_uuid.conf, pansift_token.conf, and pansift_ingest.conf yourself if you wish (though this is what the unattended_preinstall.sh does). You should be able to copy the script to your MDM or orchestration tool’s pre-installation script window and ensure it is run while there is a logged-in user.
Once the Pansift.app runs for the first time, it bootstraps its configuration. If the files above are not present, it will run the normal ZTP process to get new and random bucket details (which you probably don’t want as then you need to interact with the user or re-push your nominated bucket details and reinstall or restart the agent locally).
pansift_uuid.conf contains a single string comprised of a UUIDv4 value e.g. 84b878ec-da07-490e-8375-c36dfbb098fa. YOU CAN NOT ARBITRARILY CREATE IDs YOURSELF; they must be provisioned in advance. This is actually the bucket UUID that you want the agent to writes to. This bucket UUID is available from your account. If you have not claimed any buckets yet or wish to use a new and dedicated bucket then please contact support
pansift_token.conf contains a single string comprised of an 86-character hexadecimal string ending in a double equals “==” (so it’s 88 characters long). YOU CAN NOT ARBITRARILY CREATE IDs YOURSELF; they must be provisioned in advance. This ZTP write token is available from the bucket details in your account. The write token for the bucket can be used by multiple agents hence a ‘multiagent’ bucket. Contact support if you are using a “multiagent” bucket and want discrete tokens per agent rather than creating more buckets as a grouping boundary. This token only allows writes and not reads to a specific bucket.
pansift_ingest.conf contains a single string comprised of a fully qualified URL for the bucket’s datastore and ingest host. It takes the form of the pansift/bucket UUID as the host portion in the ingest subdomain. A URL example would be as such; https://84b878ec-da07-490e-8375-c36dfbb098fa.ingest.pansift.com (but replace with your UUID), and it needs to resolve in DNS before writes will succeed. This URL tells the agent which datastore host to speak to. The DNS entry is created during the normal ZTP process or by support (so please liaise with support for mass deployments if you are unsure). Please also check the PanSift log for a new agent or contact support if this is not resolving for you. The FQDN(Fully Qualified Domain Name) is a CNAME that points to the datastore A record.
pansift_ingest.confdatastore URL with the A record. Use “https://“ + the CNAME which follows the pattern ofhttps://<uuid>.ingest.pansift.comotherwise backend operational changes may cause interruptions to your agents’ ability to write.
There are three options for uninstalling PanSift:
There’s an “Uninstall” option in the Agent menu under “PS/Internals/Uninstall/Interactively” (which opens the terminal and goes from there, including asking you to record your configuration if required, or supplying your password).
Alternatively, you can remove it from your “Login Items” and also delete from “Applications” + stop the Telegraf process (though this is what the Uninstall script does). If the “Uninstall” option is not bringing up your Mac’s “Terminal”, just open a fresh “Terminal” and click “Uninstall” from the menu again.
Please use the “-s” silent command line option for unattended uninstalls when using Uninstall script remotely.
The parent process should have root-level permissions, as removing applications from the /Applications folder requires escalated privileges (including removing Login Items for a user using System Events).
Note: If you look at the script, it expects the user under which PanSift was installed to be logged in. So, even though running with root permissions, $HOME should resolve for the current user to ensure the login items are removed, as are the configuration files.
Please see the uninstall script here: Uninstall script
Simply open the PanSift Uninstaller package and follow along. It will ask you for your password and if it can access “System Events” and “Documents” to remove PanSift including its “Login Item”.
sudo installer -pkg Pansift_Uninstaller.pkg -target /Applications/which can be useful in remote management scenarios. Make sure you specify the correct path to the PKG file once you have prepositioned it after download.