Deploying Osquery Part 2 - The basics, cont.

Published at December 10, 2017 ·  5 min read

Wecome to part 2! In part 1 we looked at the first part of the osquery configuration and the options used to set osquery’s behavior. In this post, we’ll finish up looking at the config so we can move on to more interesting things in subsequent posts! Schedule Next up is the “schedule” section. Once again we’ll clean out the comments, since we can comment in the blog instead....

Deploying Osquery Part 1 - The basics

Published at December 3, 2017 ·  7 min read

Getting started with osquery Ok, so you’ve done some quick reading or perhaps someone told you about how friggin awesome osquery is and how they’ve used it to solve world hunger in their new fancy startup. Maybe you read a cool article on <random infosec news site>. Osquery sounds really awesome and you’re ready to go hog-wild. Let’s DO THIS!! Perfect. That’s what this series of blog posts is for....