Skip to content

@javuto javuto released this Feb 25, 2020

Changes

  • Fixed Graylog plugin not sending result- #25 by @kosborn
  • Adding osctrl-api component - #28
  • Log distributed queries results locally - #30
  • Hidding API queries - #31
  • Bugfix: Invalid logging method for api, default to none - #34
  • Refactor: to use struct for html layout pages - #35 by @friedbutter
  • Productionalize osctrl-api - #36
  • No more plugins - #37
  • Using custom User Agent for HTTP requests - #39
  • Make services wait for backend - #40
  • Preparing for osquery 4.2.0 - #41
  • Compile osctrl statically - #42
Assets 2

@javuto javuto released this Oct 17, 2019 · 42 commits to master since this release

Changes

  • Implementation by @obelisk of the header authentication method, quite useful in deployments where there is a transparent proxy or middleware that abstracts auth by adding headers to HTTP traffic - #16
  • Fix for #9 where some directories were not created (certs and config) and the docker deployment was failing - #20
  • Show the service version in osctrl-admin UI - #22
  • Fix for #17 reported by @kosborn and when using the graylog logging option, the grouping of messages was making Graylog to not process the messages correctly - #23
  • Added a tool to test logging using HTTP requests (graylog, splunk...), that implementes a basic HTTP catch-all - #23
  • Adding tool to cut a release using the API, so it will show in latest releases - #24
Assets 2

@javuto javuto released this Sep 26, 2019 · 58 commits to master since this release

Changes

  • Code to make possible having users in osctrl-admin that only see information, but can not take any actions such as run queries, run carves, delete nodes, change settings, change environments, modify users, change configuration, change intervals or modify enrolling links or certificates - #12
  • Better metrics around JSON distribution endpoints - #12
  • When visiting a node, the environment collapsible stays open - #12
  • Adding email to user record - #14
  • Ability to add the email from the user creation modal - #14
  • Ability to add/edit the email from osctrl-cli - #14
  • Adding loginurl field in the saml.json configuration, to provide the login URL to redirect to, if the session is expired or there is an error parsing the JWT token - #15
  • Make login logo image a bit smaller - #15
Assets 2

@javuto javuto released this Sep 16, 2019 · 58 commits to master since this release

Changes

  • Fix for metrics, to avoid a crash when metrics is enabled but the metrics.json isn't in place nor the configuration loaded (or correct) - #10
  • SAML authentication creates user sessions and extract data from the JWT token - #10
  • On-demand queries by host was not working properly and it was not added as target - #10
  • Queries and carves details now show the targets and improvements to style - #10
  • Cleanup code for SAML and metrics - #10
  • Adding support for newly released osquery 4.0.2 - #11
  • Splunk logging can now include links to status, results and on-demands logs - #11
  • Adding icons for archlinux platform - #11
  • Display expected / executed / errors in on-demand queries table - #11
  • Display expected / executed / errors in carves table - #11
Assets 2

@javuto javuto released this Aug 26, 2019 · 58 commits to master since this release

Changes

  • Adding parameters to binaries (osctrl-tls and osctrl-admin) to use different service configuration files or backend configuration.
  • Backend JSON file includes DB performance values.
  • Fixed bug (#1) where selecting all platforms/environments was not adding any targets to on-demand queries or file carves.
  • Showing IP address and version of osquery in the list of nodes for osctrl-cli.
Assets 2

@javuto javuto released this Aug 9, 2019 · 58 commits to master since this release

Changes

  • Display secret, flags and certificate in enroll nodes section to be used manually.
  • Flags are generated when creating an environment. Also added functionality to display them using osctrl-cli.
  • Display enrolling metadata, as indented JSON, for each node.
Assets 2
Sep 16, 2019
Merge pull request #11 from jmpsec/osquery-upgrade
A lot of changes everywhere
Sep 16, 2019
Merge pull request #11 from jmpsec/osquery-upgrade
A lot of changes everywhere

@javuto javuto released this Sep 3, 2019 · 74 commits to master since this release

Changes

  • First contribution! Thanks @ryandeivert 😃
    • Tweaking the interface for carves and simplifying logic a bit (#3).
  • Fix in osctrl-admin where using auth = none was making the service to crash with a panic (#5).
  • Environment certificate can be uploaded from admin, health check for services and other small changes (#6).
  • Better code for logging plugins. Added debug messages, fixed bugs and display expected executions for on-demand queries (#7 and #8).
Assets 2
Aug 26, 2019
Bumping to 0.1.5
You can’t perform that action at this time.