20 lines
557 B
Plaintext
20 lines
557 B
Plaintext
# This is an example runnable osquery.conf. It does not enable eventing tables
|
|
#
|
|
# To use this, paste this stanza into your existing osquery.conf file, or use
|
|
# it interactively with:
|
|
#
|
|
# sudo osqueryi --config_path osquery.conf -A osquery_packs
|
|
#
|
|
# You can specify a pack to run using:
|
|
#
|
|
# sudo osqueryi --config_path osquery.conf --pack detection
|
|
|
|
{
|
|
"packs": {
|
|
"detection": "out/detection.conf",
|
|
"incident-response": "out/incident-response.conf",
|
|
"policy": "out/vulnerabilities.conf",
|
|
"vulnerabilities": "out/vulnerabilities.conf"
|
|
}
|
|
}
|