Vulnerability Scan Results into the fleet results.log #1831
Comments
|
Related to #1823 |
|
@hereCOMESlappy totally makes sense. If you were able to ship detected vulnerabilities to a log destination, what would you do next with this vulnerability data? |
Next it would be ingested into elastic and reported on from there. |
|
@noahtalerman Tom Larkin suggested adding a similar feed to the Snowflake marketplace so that Snowflake, and any other organization could simply subscribe to that feed. |
|
@alphabrevity thanks for calling this out. I added a note to the Product office hours doc (internal): https://docs.google.com/document/d/1mwu5WfdWBWwJ2C3zFDOMSUC9QCyYuKP4LssO_sIHDd0/edit# This way, we can weigh (prioritize or set aside) this item during the product office hours call. |
Hello,
Given osquery results are logged to the results.log file by fleet, I think it would make sense to include each vulnerability as a JSON object in results.log so that our log shipper can ship the vulnerabilities detected just as it is shipping osquery output.
Makes sense right? Right?? RIGHT????!!!!!!!
The text was updated successfully, but these errors were encountered: