osquery-defense-kit/Makefile


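# Version of osqtool to install. The default "latest" resolves to whatever the
# newest published release is at build time, so two builds can use different
# tool versions. Set OSQTOOL_VERSION to a reviewed release tag (on the command
# line or in the environment) for reproducible pack builds.
OSQTOOL_VERSION ?= latest

# Install the osqtool binary into ./out via GOBIN.
# This rule has no prerequisites, so an existing out/osqtool is never
# refreshed; remove it to force a reinstall.
out/osqtool:
	mkdir -p $(@D)
	GOBIN=$(CURDIR)/out go install github.com/chainguard-dev/osqtool/cmd/osqtool@$(OSQTOOL_VERSION)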
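# Build the detection pack from the queries under detection/.
# osqtool's stdout is captured to a temporary file and only renamed onto the
# target when the command succeeds. A failed --verify run therefore cannot
# leave an empty or truncated pack that a later `make` treats as up to date.
# NOTE(review): the query files are not prerequisites, so the pack is rebuilt
# only when it is missing or out/osqtool is newer.
out/odk-detection.conf: out/osqtool
	./out/osqtool --max-results=0 --max-total-daily-duration=3h45m --max-query-daily-duration=60m --verify pack detection/ > $@.tmp
	mv -f $@.tmp $@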
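# Build the policy pack from the queries under policy/.
# Output goes to a temporary file first and is renamed onto the target only
# when osqtool exits successfully, so a failed --verify run never leaves a
# truncated pack in place of a good one.
# NOTE(review): the query files are not prerequisites, so the pack is rebuilt
# only when it is missing or out/osqtool is newer.
out/odk-policy.conf: out/osqtool
	./out/osqtool --max-results=0 --verify pack policy/ > $@.tmp
	mv -f $@.tmp $@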
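# Build the incident-response pack from the queries under incident_response/.
# Output goes to a temporary file first and is renamed onto the target only
# when osqtool exits successfully, so a failed --verify run never leaves a
# truncated pack in place of a good one.
# NOTE(review): the query files are not prerequisites, so the pack is rebuilt
# only when it is missing or out/osqtool is newer.
out/odk-incident-response.conf: out/osqtool
	./out/osqtool --max-results=150000 --max-query-duration=8s --max-total-daily-duration=90m --verify pack incident_response/ > $@.tmp
	mv -f $@.tmp $@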
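# Alternative incident-response pack for environments where querying the
# "wireless_networks" table is forbidden: same limits as the regular pack,
# with wireless_networks_macos passed to --exclude.
# Output goes to a temporary file first and is renamed onto the target only
# when osqtool exits successfully, so a failed --verify run never leaves a
# truncated pack in place of a good one.
out/odk-incident-response-no-wifi.conf: out/osqtool
	./out/osqtool --max-results=150000 --max-query-duration=8s --max-total-daily-duration=90m --verify --exclude wireless_networks_macos pack incident_response/ > $@.tmp
	mv -f $@.tmp $@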
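# The pack files this Makefile produces and ships.
ODK_PACKS := out/odk-detection.conf out/odk-policy.conf out/odk-incident-response.conf out/odk-incident-response-no-wifi.conf

# `packs` is a command name, not a file: declare it phony so a stray file
# called "packs" cannot mask it.
.PHONY: packs
packs: $(ODK_PACKS)

# Release archive of the packs.
# - Depends on the pack files themselves, so it is rebuilt only when a pack
#   changed rather than on every invocation.
# - The old archive is removed first, because zip would otherwise update it in
#   place and keep entries from earlier builds.
# - Only the packs listed above are added, not every *.conf that happens to
#   sit in out/, so the archive contents are exactly what this Makefile built.
out/odk-packs.zip: $(ODK_PACKS)
	$(RM) $@
	cd $(@D) && zip $(@F) $(^F)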
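# Reformat every *.sql file under the current directory in place with
# sql-formatter (sqlite dialect).
# - Each file is formatted into a private mktemp file rather than a fixed,
#   shared path under /tmp, so concurrent runs or other local users cannot
#   collide with or pre-create the scratch file.
# - File names reach the shell as positional arguments and are always quoted,
#   never spliced into a command string, so names containing spaces or shell
#   metacharacters are handled as plain paths.
# - The original file is overwritten only after the formatter succeeds. A
#   failure leaves it untouched and makes the target exit non-zero.
.PHONY: reformat
reformat:
	find . -type f -name "*.sql" -exec sh -c ' \
		rc=0; \
		for f in "$$@"; do \
			tmp=$$(mktemp) || exit 1; \
			if npx sql-formatter -l sqlite "$$f" > "$$tmp"; then \
				cat "$$tmp" > "$$f"; \
			else \
				echo "reformat: sql-formatter failed on $$f; file left unchanged" >&2; \
				rc=1; \
			fi; \
			rm -f "$$tmp"; \
		done; \
		exit $$rc' sh {} +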
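# Convenience alias for building the release archive. Declared phony so a file
# named "all" cannot shadow it.
# NOTE: this is the last rule in the file, so a bare `make` builds the first
# target (out/osqtool) rather than `all`; invoke `make all` explicitly.
.PHONY: all
all: out/odk-packs.zip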