Be notified of new releases
Create your free GitHub account today to subscribe to this repository for new releases and build software alongside 40 million developers.Sign up
- Fixed Graylog plugin not sending
result- #25 by @kosborn
osctrl-apicomponent - #28
- Log distributed queries results locally - #30
- Hidding API queries - #31
- Bugfix: Invalid logging method for api, default to none - #34
- Refactor: to use struct for html layout pages - #35 by @friedbutter
- No more plugins - #37
- Using custom User Agent for HTTP requests - #39
- Make services wait for backend - #40
- Preparing for osquery
- Compile osctrl statically - #42
- Implementation by @obelisk of the header authentication method, quite useful in deployments where there is a transparent proxy or middleware that abstracts auth by adding headers to HTTP traffic - #16
- Fix for #9 where some directories were not created (
config) and the docker deployment was failing - #20
- Show the service version in
osctrl-adminUI - #22
- Fix for #17 reported by @kosborn and when using the graylog logging option, the grouping of messages was making Graylog to not process the messages correctly - #23
- Added a tool to test logging using HTTP requests (graylog, splunk...), that implementes a basic HTTP catch-all - #23
- Adding tool to cut a release using the API, so it will show in
latestreleases - #24
- Code to make possible having users in
osctrl-adminthat only see information, but can not take any actions such as run queries, run carves, delete nodes, change settings, change environments, modify users, change configuration, change intervals or modify enrolling links or certificates - #12
- Better metrics around JSON distribution endpoints - #12
- When visiting a node, the environment collapsible stays open - #12
- Adding email to user record - #14
- Ability to add the email from the user creation modal - #14
- Ability to add/edit the email from
loginurlfield in the
saml.jsonconfiguration, to provide the login URL to redirect to, if the session is expired or there is an error parsing the JWT token - #15
- Make login logo image a bit smaller - #15
- Fix for metrics, to avoid a crash when metrics is enabled but the
metrics.jsonisn't in place nor the configuration loaded (or correct) - #10
- SAML authentication creates user sessions and extract data from the JWT token - #10
- On-demand queries by host was not working properly and it was not added as target - #10
- Queries and carves details now show the targets and improvements to style - #10
- Cleanup code for SAML and metrics - #10
- Adding support for newly released osquery 4.0.2 - #11
- Splunk logging can now include links to status, results and on-demands logs - #11
- Adding icons for
archlinuxplatform - #11
- Display expected / executed / errors in on-demand queries table - #11
- Display expected / executed / errors in carves table - #11
- Adding parameters to binaries (
osctrl-admin) to use different service configuration files or backend configuration.
- Backend JSON file includes DB performance values.
- Fixed bug (#1) where selecting all platforms/environments was not adding any targets to on-demand queries or file carves.
- Showing IP address and version of osquery in the list of nodes for
certificatein enroll nodes section to be used manually.
- Flags are generated when creating an environment. Also added functionality to display them using
- Display enrolling metadata, as indented JSON, for each node.
- First contribution! Thanks @ryandeivert
- Tweaking the interface for carves and simplifying logic a bit (#3).
- Fix in
auth = nonewas making the service to crash with a panic (#5).
- Environment certificate can be uploaded from admin, health check for services and other small changes (#6).
- Better code for logging plugins. Added debug messages, fixed bugs and display expected executions for on-demand queries (#7 and #8).