In Jamf’s November 2024 Jamf Pro 11.11 update Jamf silently added in a 25 KB limit to policy log output. This will limit the your ability to troubleshoot scripts that fail to run with an output more than 25 KB.
Jamf support notes that this is to prevent “server degradation”. There is no public documentation on the new limitation, nor is it included in the Jamf Pro 11.11 release notes. Jamf’s suggestion is to modify scripts to limit output or send any additional data to a local log file instead.
Jamf Premium cloud customers can request this limit be increased.
Credit to Eric Carr of Mann Consulting for identifying this issue.
Testing
Testing this is quite simple, create a policy that uses this script which outputs ~27 bytes of data 1,000 times:
#!/bin/zsh
for i in {1..1000}; do
echo "ThisStringIsAbout25Bytes $i"
doneRun the policy and check the log output. As shown in the image below you’ll see the log output is truncated at 25KB with …Output Truncated…
Next steps
Unless you’re on cloud premiums your options are limited, but include:
- Setup external logging to Datadog or Splunk.
- Rewrite the log files located in /Library/Application Support/JAMF/tmp/ before Jamf submits them.
- Reduce your logging statements in scripts.
IT Notes 
Honestly my biggest issue with this is Jamf is making undocumented changes. This isn’t first time they’ve done this. I had a ticket in with them for something a few months back and they stealth fixed it in a release. I assume it’s so release notes aren’t just full of fixes… or maybe they don’t want to admit things were broken to begin with… but it does no one any favors when they adjust a behavior and don’t say anything.
LikeLike