Open source · AGPL-3.0 · Asset reconciliation, automated

Every device.
One source of truth.

Cairn pulls your fleet from the tools that already manage it — Jamf, Intune, Kandji, ChromeOS, CrowdStrike and more — and keeps your asset database honest, automatically — and pushes asset tags back to the MDM so both sides agree. It's free and open source (AGPL-3.0): self-host it yourself, at no cost, forever.

Get it on GitHub Read the docs

Free & open source · Single binary · macOS · Windows · Linux

cairn — fleet reconciliation 
$ cairn sync --dry-run
 Loading config from ./cairn.yaml
 Pulling fleet: jamf (412) · intune (377) · crowdstrike (455)
 Reconciling by serial number…
[ok] 461 devices matched · 12 new · 3 conflicts resolved by trust priority
~ dry-run: no changes written to Snipe-IT
cairn.yaml 
mode: fleet
sources:
  - type: jamf
    base_url: https://acme.jamfcloud.com
    trust: 90        # higher wins on conflict
  - type: intune
    trust: 70
sink:
  type: snipe-it
  base_url: https://assets.acme.com
notify:
  - type: slack

Built for honest inventory

Cairn does one job well: it makes your system of record match reality.

  • Pluggable providers

    Add a new MDM or EDR by dropping in a provider — no changes to the core engine.

  • Agent & fleet modes

    Run on each endpoint to sync that machine, or run centrally to reconcile the whole fleet.

  • Serial reconciliation

    Merges records for the same physical machine across tools, field-by-field, by trust priority.

  • Security-first

    HTTPS-only, secrets via env vars, config permission checks, and serial masking in logs.

  • Single binary

    One cross-platform binary for macOS, Windows, and Linux — download a release or build from source on GitHub.

  • Dry-run mode

    Preview every create, update, and conflict resolution before a single write hits your SoR.

Why "Cairn"

A cairn is a stack of stones travelers build to mark a safe path — each one placed by someone who came before, so the next person doesn't lose their way. That's the spirit of this project: an open, community-built set of markers that show small teams the route through compliance. Anyone can add a stone; everyone benefits from the trail.

Cairn doesn't have to stand alone — it integrates with Sightline, Lookout, and Bastion, so the evidence and posture you build here can flow into the rest of your compliance and monitoring stack.

Works with the tools you already run

Cairn reads from your management tools and writes to one system of record.

Sources

System of record

Notifications

Install Cairn

Pick your platform. Cairn is free and open source (AGPL-3.0) — grab a release from GitHub or build from source.

Grab the latest release binary from GitHub and drop it in your PATH:

# Download the latest macOS release from GitHub
curl -fsSL https://github.com/jsdosanj/cairn/releases/latest/download/cairn-macos.tar.gz | tar xz
sudo mv cairn /usr/local/bin/
cairn --version

Stop guessing what you own.

Reconcile your fleet in minutes — with a dry run first.

Get it on GitHub Read the docs

Get in touch

Questions about Cairn, a deployment, or a custom provider? Send us a note and we'll get back to you.