osquery-configuration icon indicating copy to clipboard operation
osquery-configuration copied to clipboard

Published 20 hours ago verified publisher icon palantir

Metadata

A repository for using osquery for incident detection and response

Results 5 osquery-configuration issues
Sort by recently updated
recently updated
newest added

Table socket_events is event-based but events are disabled

I think the `--disable-events=false` flag is needed to avoid this error. I have create a pull request #18, but apparently there's a problem with the CI because of Node.js 4.x?...

ychaouche avatar ychaouche

--disable-events=false

2 comment

This flag is needed to process events, otherwise you get "virtual_table.cpp:969] Table socket_events is event-based but events are disabled"

ychaouche avatar ychaouche

Unkown kind 'options'

1 comment

I just started with fleetdm and osquery. ``` # fleetctl --version fleetctl - version 4.10.0 branch: HEAD revision: 67827474c22b61a08f112e682b994aa3e9356133 build date: 2022-02-14 build user: runner go version: go1.17.7 ``` I...

er4z0r avatar er4z0r

Update osquery-configuration repo - 2021-01

Update osquery-configuration repository to reflect latest configurations. **ETA: Jan/Feb 2021.**

cryps1s avatar cryps1s

enhancement

pack scheduled query interval too low

I tried to apply the config from `osquery-configuration/Fleet/Endpoints/Windows/osquery.yaml` using `fleetctl` like so: ``` fleetctl config set --address https://fleetserver.example.com:443 fleetctl login --email ${FLEET_EMAIL} --password ${FLEET_PASSWORD} fleetctl convert -f osquery-configuration/Fleet/Endpoints/Windows/osquery.yaml -o osquery-configuration/Fleet/Endpoints/Windows/osquery.yaml...

DasFaultier avatar DasFaultier

Metadata

808
Stars
120
Forks
Watchers

Owner

verified publisher icon palantir

Metadata

A repository for using osquery for incident detection and response

Back