Skip to content

Add osquery package #450

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Dec 15, 2020
Merged

Add osquery package #450

merged 3 commits into from
Dec 15, 2020

Conversation

@marc-gr
Copy link
Contributor

@marc-gr marc-gr commented Dec 7, 2020

What does this PR do?

Adds osquery package

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all datasets collect metrics or logs.

Screenshots

Screenshot 2020-12-07 at 17 21 14

Screenshot 2020-12-07 at 18 06 47
@elasticmachine
Copy link

elasticmachine commented Dec 7, 2020

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)
@elasticmachine
Copy link

elasticmachine commented Dec 7, 2020
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: Branch indexing

  • Start Time: 2020-12-15T01:44:15.823+0000

  • Duration: 31 min 31 sec

Test stats 🧪

Test Results
Failed 0
Passed 145
Skipped 0
Total 145

@andrewkroh
Copy link
Member

andrewkroh commented Dec 10, 2020

Given that #273 will eventually be merged and will provide a more integrated experience (I think it actually runs osquery for you and let's you run queries) maybe we should not migrate this Filebeat module over to here. @jamiehynds @bradenlpreston?
@bradenlpreston
Copy link

bradenlpreston commented Dec 10, 2020

@andrewkroh - They are 2 different use cases to start. We are building a way to centrally manage and collect data from osquery. However, I don't think we want to remove the use case for when a user already has osquery deployed and managed, but they still want to send data to elastic. Would be great to cover both use cases.
@marc-gr marc-gr merged commit ff01c39 into elastic:master Dec 15, 2020
@marc-gr marc-gr deleted the osquery branch December 15, 2020 07:47
@andrewkroh andrewkroh added Integration:osquery Osquery Logs New Integration Issue or pull request for creating a new integration package. labels Aug 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

enhancement New feature or request Integration:osquery Osquery Logs New Integration Issue or pull request for creating a new integration package. [zube]: In Review

4 participants

@marc-gr @elasticmachine @andrewkroh @bradenlpreston