osquery-s3-config

command module

v0.0.0-...-5ab8b4b Latest Latest Go to latest Published: Apr 28, 2023 License: MIT Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/burdzwastaken/osquery-s3-config

Links

Open Source Insights

README ¶

osquery-s3-config

A osquery config plugin to read from a configuration file stored in an AWS s3 bucket.

Building

To build the osquery extension you will need to have the following installed:

go
make

To build the extension use the following commands:

make

Configuration

To the run the extension the following environment variables are required to be set:

OSQUERY_S3_CONFIG_BUCKET_NAME
OSQUERY_S3_CONFIG_BUCKET_REGION
OSQUERY_S3_CONFIG_PATH // optional - defaults to `osquery.conf`

AWS configuration

Standard AWS SDK mechanisms for AWS; This includes env vars (AWS_ACCESS_KEY_ID) and profiles (AWS_PROFILE) and IAM authentication.

Troubleshooting

When troubleshooting, ensure you are running osqueryd/osqueryi with the --verbose flag.

Note if running osquery as root you will have to change the ownership of build/osquery-s3-config.ext to root or by passing the --allow_unsafe flag.

Thanks

groob for the example in his blog post Extending osquery with Go.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
pkg
s3

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL