Commit Graph

23 Commits

| Author | SHA1 | Message | Date |
|---|---|---|---|
| Thomas Stromberg | 2700c780b7 | Add a runnable osquery.conf example | 2023-03-04 13:03:30 -05:00 |
| Thomas Stromberg | 3df885d9bc | Makefile: Add 'detect' rule, fix collection/IR rules | 2023-02-24 18:19:22 -05:00 |
| Thomas Stromberg | 063eb1691c | Add privacy-aware version of the IR rules | 2023-02-24 17:47:07 -05:00 |
| Thomas Stromberg | b9cefa0d09 | Remove wireless-networks rule, rename collection to collect | 2023-02-24 17:30:43 -05:00 |
| Thomas Stromberg | fc08a698ec | Fix broken IR non-Wireless rule | 2023-02-24 16:56:17 -05:00 |
| Thomas Stromberg | fb022f8005 | verify: 10s for IR | 2023-02-24 16:49:53 -05:00 |
| Thomas Stromberg | 39ad038c04 | Add verify-ci Makefile rule | 2023-02-24 16:44:00 -05:00 |
| Thomas Stromberg | 995c1e1104 | Fixes so that ODK can run under CI | 2023-02-24 12:15:56 -05:00 |
| Thomas Stromberg | 1ac3d4fbb8 | Makefile: collect as root | 2023-02-23 21:45:34 -05:00 |
| Thomas Stromberg | 3984b82701 | Makefile: add "make collection" target, improve others | 2023-02-23 21:29:28 -05:00 |
| Ian Brown | ffd552aa54 | Missed one Signed-off-by: Ian Brown <ian@zestysoft.com> | 2023-02-18 16:10:48 -08:00 |
| Thomas Stromberg | ebb9780036 | Makefile: Add reformat-updates target | 2023-02-10 10:33:04 -05:00 |
| Thomas Stromberg | 593991adb8 | Purge observed false positives | 2023-02-09 17:54:41 -05:00 |
| Thomas Stromberg | a8ed058d4d | Query performance improvements, add pids, decrease frequency | 2023-02-09 17:01:29 -05:00 |
| Thomas Stromberg | 2634e9d45b | Monday morning false-positive purge | 2023-02-08 14:37:09 -05:00 |
| Thomas Stromberg | bb3e1f964e | Run make reformat, update max rows for incident response | 2023-02-02 17:58:19 -05:00 |
| Thomas Stromberg | 2d81061df3 | Update for osqtool v1.0 | 2023-02-02 12:04:26 -05:00 |
| Thomas Stromberg | 09962c8dca | Add IR no-wifi ruleset | 2022-11-23 07:32:52 -05:00 |
| Thomas Stromberg | 724e2fbc84 | Makefile: Rename .sql targets to .conf, extend max-duration for IR | 2022-11-23 07:14:53 -05:00 |
| Thomas Stromberg | 56b1af7b14 | Add 'reformat' rule | 2022-10-20 09:10:45 -04:00 |
| Thomas Stromberg | 8a198b259a | Makefile: Use --verify when packing | 2022-10-14 10:25:08 -04:00 |
| Thomas Stromberg | 220dfc74ea | Install osqtool (unversioned at the moment) | 2022-10-13 10:04:18 -04:00 |
| Thomas Stromberg | e785c35614 | v0.0.1 | 2022-10-13 09:11:17 -04:00 |