-
**Is your feature request related to a problem? Please describe.**
If each column I'm returning is defined by a struct, it's very frustrating to replicate the fields into both `ColumnDef`s and into `…
-
The `action_data` field in osquery_manager uses a generic `type: object` mapping. A future version of package-spec will disallow these generic mappings. To prevent conflicts, we want to prefer a mappi…
-
I'm not sure what went wrong, but this query was not returning the proper information on my Sonoma 14.6.1 machine.
https://github.com/drata/drata-agent/blob/e04e0c16c799cd058b23096e02a56195a30592ac…
-
A test failed on a tracked branch
```
AssertionError: Timed out retrying after 60000ms: expected '' to have text 'PackTestsnbtfqz0q8r', but the text was 'PackTestsnbtfqz0q8r, '
at addIntegration …
-
# The problem
The Windows threat landscape is rapidly evolving, and the visibility provided by Osquery should be able to evolve as well. Modern threat detection engineering runs on OS visibility.
…
-
I can't update `osquery` on my SLES12 SP5 machines due to:
```
The following package is going to be upgraded:
osquery 5.7.0-1.linux -> 5.8.2-1.linux
The following package has no support inf…
-
# Bug report
After enabling BPF for osquery and having any queries configured, osquery's CPU usage does have an increase in usage.
In the screenshot below, the NICE time is the usage of mainly osq…
-
What's a good way of checking that osquery is running healthy and able to communicate with a remote host?
One solution I have is to enable `--verbose` logging and watch for the timestamps in the log.…
groob updated
7 years ago
-
Apparently this can lead to many "/var/osquery/osquery.em.*" files and attempts address in use errors. This may only happen if the script is terminated unexpectedly (not sure).
-
When importing feeds, I see warnings about the "queries" key not being present.
The key is present, however, and this doesn't seem to present an issue -- all the feeds are imported as expected.
…