DinoSOARLab icon indicating copy to clipboard operation
DinoSOARLab copied to clipboard
verified publisher icon weslambert

Distributed velociratpor

Open Jacob-Tate opened this issue 3 years ago • 2 comments

Do you know if velociraptor supports distributed installs? For example the security onion manager runs on a segmented network with no access while a sensor runs with a leg into the server network which will facilitate the velociraptor communications.

image

Jacob-Tate avatar Jul 08 '22 23:07 Jacob-Tate

As it stands, Velociraptor currently runs on the manager node. This means that it clients will need to be able to connect to the manager node. I'm not saying it's not technically possible, but it's not currently supported. I will look at adding a dedicated Velociraptor node as time allows.

weslambert avatar Jul 09 '22 00:07 weslambert

Sounds good I can assist with this if there are docs or references you can provide regarding the addition of new nodes. Im familiar with a decent amount of the infrastructure and have been interested in adding something more substantial to get more familiar.

Jacob-Tate avatar Jul 09 '22 00:07 Jacob-Tate