osctrl: Fast and efficient osquery management

osctrl

osctrl is a fast and efficient osquery management solution, implementing its remote API as a TLS endpoint.

With osctrl, you can monitor all your systems running osquery, distribute its configuration fast, collect all the status and result logs, and run on-demand queries.

With osctrl you can:

  • Monitor all your systems running osquery,
  • Distribute osquery configuration fast across all your enrolled nodes,
  • Collect all the status and result logs, whether you want to store them or forward them to a different system (Splunk, ELK, Kafka, Graylog…),
  • Run quasi-real-time on-demand queries on your selected enrolled nodes,
  • Carve files or directories from your enrolled nodes.

Components

Install && Use

Copyright (C) 2019 jmpsec