osctrl: Fast and efficient osquery management

osctrl

osctrl is a fast and efficient osquery management solution, implementing its remote API as a TLS endpoint.

With osctrl, you can monitor all your systems running osquery, distribute its configuration fast, collect all the status and result logs, and allow you to run on-demand queries.

With osctrl you can:

• Monitor all your systems running osquery,
• Distribute osquery configuration fast across all your enrolled nodes,
• Collect all the status and result logs, whether you want to store them or forward them to a different system (Splunk, ELK, Kafka, Graylog…),
• Run quasi-real-time on-demand queries in your selected enrolled nodes,
• Carve files or directories from your enrolled nodes.

Components

Install && Use

Copyright (C) 2019 jmpsec