osctrl v0.3.1 releases: Fast and efficient osquery management

osctrl

osctrl is a fast and efficient osquery management solution, implementing its remote API as a TLS endpoint.

With osctrl, you can monitor all your systems running osquery, distribute its configuration fast, collect all the status and result logs, and allow you to run on-demand queries.

With osctrl you are able to:

• Monitor all your systems running osquery,
• Distribute osquery configuration fast across all your enrolled nodes,
• Collect all the status and result logs, whether you want to store them or forward them to a different system (Splunk, ELK, Kafka, Graylog…),
• Run quasi-real-time on-demand queries in your selected enrolled nodes,
• Carve files or directories from your enrolled nodes.

Components

Changelog v0.3.1

• Use branch main instead of master in provision.sh by @javuto in #302
• Using osctrl-api for nodes in osctrl-cli by @javuto in #301
• Get nodes by environment in osctrl-api by @javuto in #303
• Support for queries in osctrl-api by @javuto in #304
• Carves using environment id by @javuto in #305
• Edit permissions in osctrl-admin by @javuto in #306
• Retrieving users from osctrl-api using osctrl-cli by @javuto in #307
• Retrieve carves with osctrl-api and osctrl-cli by @javuto in #308
• Better errors in osctrl-cli by @javuto in #310
• Node actions in osctrl-api by @javuto in #311
• Preparing for release v0.3.1 by @javuto in #312

Install && Use

Copyright (C) 2019 jmpsec