The desired osquery directory structure for Linux, MacOS, and Windows is outlined below:

```
$ cp -R osquery-configuration/Fleet/Servers/Linux/* /etc/osquery

$ cp osquery-configuration/Fleet/Endpoints/MacOS/* /var/osquery
$ cp osquery-configuration/Fleet/Endpoints/packs/* /var/osquery/packs
$ mv /var/osquery/osquery_no_tls.flags /var/osquery/osquery.flags # Non-TLS server testing

PS> copy-item osquery-configuration/Fleet/Endpoints/Windows/* c:\ProgramData\osquery
```

Logs are located in /var/log/osquery (Linux/MacOS) and c:\ProgramData\osquery\logs (Windows).

- Enroll hosts to your Fleet server by configuring the appropriate
- Configure the fleetctl utility to communicate with your Fleet server
- Assuming you'd like to use the endpoint configs, you can use the commands below to apply them:

```
git clone
fleetctl apply -f osquery-configuration/Fleet/Endpoints/options.yaml
fleetctl apply -f osquery-configuration/Fleet/Endpoints/MacOS/osquery.yaml
fleetctl apply -f osquery-configuration/Fleet/Endpoints/Windows/osquery.yaml
for pack in osquery-configuration/Fleet/Endpoints/packs/*.yaml
```
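The `fleetctl apply` sequence above, written as a shell function that stops at the first missing spec or failed apply and does not pass an unmatched pack glob to `fleetctl`. This is an added example, not code from the osquery-configuration repository; the function name `apply_endpoint_configs` and the `FLEETCTL` override variable are assumptions introduced here, and only `fleetctl apply -f` and the repository paths come from the page.

```shell
#!/bin/sh
# Added example: apply the endpoint specs from a local checkout in a fixed order.
# FLEETCTL is a hypothetical override (e.g. FLEETCTL=echo for a dry run).
FLEETCTL="${FLEETCTL:-fleetctl}"

# Usage: apply_endpoint_configs osquery-configuration
# Returns 0 on success, 1 if an apply fails, 2 if a directory or spec is
# missing, 3 if the packs directory contains no *.yaml files.
apply_endpoint_configs() {
    repo="$1"
    base="$repo/Fleet/Endpoints"
    [ -d "$base" ] || { echo "no such directory: $base" >&2; return 2; }

    # Options first, then the per-platform configs, as on the page.
    for spec in "$base/options.yaml" \
                "$base/MacOS/osquery.yaml" \
                "$base/Windows/osquery.yaml"; do
        [ -f "$spec" ] || { echo "missing spec: $spec" >&2; return 2; }
        $FLEETCTL apply -f "$spec" || return 1
    done

    applied=0
    for pack in "$base"/packs/*.yaml; do
        # An unmatched glob stays literal in POSIX sh; skip it rather than
        # handing a nonexistent path to fleetctl.
        [ -f "$pack" ] || continue
        $FLEETCTL apply -f "$pack" || return 1
        applied=$((applied + 1))
    done

    # Query packs are expected; an empty directory usually means a bad checkout.
    [ "$applied" -gt 0 ] || { echo "no packs found under $base/packs" >&2; return 3; }
}
```
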