osquery-defense-kit/osquery.conf
2024-01-09 16:56:40 -05:00

20 lines
557 B
Plaintext

# This is an example runnable osquery.conf. It does not enable eventing tables
#
# To use this, paste this stanza into your existing osquery.conf file, or use
# it interactively with:
#
# sudo osqueryi --config_path osquery.conf -A osquery_packs
#
# You can specify a pack to run using:
#
# sudo osqueryi --config_path osquery.conf --pack detection
{
"packs": {
"detection": "out/detection.conf",
"incident-response": "out/incident-response.conf",
"policy": "out/vulnerabilities.conf",
"vulnerabilities": "out/vulnerabilities.conf"
}
}