osctrl v0.3.1 releases: Fast and efficient osquery management
osctrl
osctrl is a fast and efficient osquery management solution, implementing its remote API as a TLS endpoint.
With osctrl, you can monitor all your systems running osquery, distribute its configuration fast, collect all the status and result logs, and allow you to run on-demand queries.
With osctrl you are able to:
- Monitor all your systems running osquery,
- Distribute osquery configuration fast across all your enrolled nodes,
- Collect all the status and result logs, whether you want to store them or forward them to a different system (Splunk, ELK, Kafka, Graylog…),
- Run quasi-real-time on-demand queries in your selected enrolled nodes,
- Carve files or directories from your enrolled nodes.
Components
Changelog v0.3.1
- Use branch main instead of master in
provision.sh
by @javuto in #302 - Using
osctrl-api
for nodes inosctrl-cli
by @javuto in #301 - Get nodes by environment in
osctrl-api
by @javuto in #303 - Support for queries in osctrl-api by @javuto in #304
- Carves using environment id by @javuto in #305
- Edit permissions in
osctrl-admin
by @javuto in #306 - Retrieving users from
osctrl-api
usingosctrl-cli
by @javuto in #307 - Retrieve carves with
osctrl-api
andosctrl-cli
by @javuto in #308 - Better errors in
osctrl-cli
by @javuto in #310 - Node actions in
osctrl-api
by @javuto in #311 - Preparing for release v0.3.1 by @javuto in #312
Install && Use
Copyright (C) 2019 jmpsec