fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com

find_cmd Table is only compiled for darwin - find also would be useful on Linux #19199

Open nonpunctual opened 3 months ago

nonpunctual commented 3 months ago

Many Fleet customers use file_lines, file & other tables to get data from Linux Hosts. Seems like it might be fairly trivial to enable our find_cmd table (which is NOT a core osquery table) for Linux too.

This is not a super-urgent priority. It's a quality-of-life / feature parity enhancement. The actual UNIX find command pre-dates macOS so it seems a little silly that it's not listed for all UNIX-based systems. Thanks.

Problem

Use find_cmd table on Linux hosts.

Potential solutions

  1. compile find_cmd table for Linux & macOS Hosts.

noahtalerman commented 3 months ago

Thanks for tracking this @nonpunctual