Vulnerability Scan Results into the fleet results.log #1831
Comments
Related to #1823
@hereCOMESlappy totally makes sense. If you were able to ship detected vulnerabilities to a log destination, what would you do next with this vulnerability data?
Next it would be ingested into elastic and reported on from there.
@noahtalerman Tom Larkin suggested adding a similar feed to the Snowflake marketplace so that Snowflake and any other organization could simply subscribe to that feed.
@alphabrevity thanks for calling this out. I added a note to the Product office hours doc (internal): https://docs.google.com/document/d/1mwu5WfdWBWwJ2C3zFDOMSUC9QCyYuKP4LssO_sIHDd0/edit# This way, we can weigh (prioritize or set aside) this item during the product office hours call.
Hello,
Given osquery results are logged to the results.log file by fleet, I think it would make sense to include each vulnerability as a JSON object in results.log so that our log shipper can ship the vulnerabilities detected just as it is shipping osquery output.
Makes sense right? Right?? RIGHT????!!!!!!!