17 Commits

Author SHA1 Message Date
Mike McNeil
995cf025af
Update alf_exceptions.yml (#8327) 2022-10-19 14:32:20 +00:00
Mike McNeil
d305fc34fb
Hide acpi_tables until we understand better why it's useful (#8323) 2022-10-19 14:24:58 +00:00
Eric
e82962e4a7
Add Fleet override schema files (#8278)
* create schema/tables, add yaml schema tables

* Update osquery-table-details.ejs

* Generate schema from schema/tables/ folder

* Create generate-yaml-tables-from-json.js

* update created table files

* update fleet override validation

* update error messages, add fleetRepoUrl

* Delete generate-yaml-tables-from-json.js

* Update osquery-table-details.ejs

* Update whitespace in table examples

* Revert "Update osquery-table-details.ejs"

This reverts commit 2e9d63208f59997d492375ebaf1d0ec7e4afe468.

* add YAML tables generated from updated Fleet schema

* lint fixes

* update arp_cache and docker_containers tables
2022-10-18 14:13:42 -05:00
Mo Zhu
3b802232d0
Add notes re: OUI and wireshark OUI lookup for arp_cache (#8272)
* Add notes re: OUI and wireshark OUI lookup for arp_cache

* More info on ARP spoofing

Co-authored-by: Guillaume Ross <guillaume@fleetdm.com>

* Fix links in markdown

Co-authored-by: Eric <eashaw@sailsjs.com>

Co-authored-by: Guillaume Ross <guillaume@fleetdm.com>
Co-authored-by: Eric <eashaw@sailsjs.com>
2022-10-18 18:28:49 +00:00
Mo Zhu
564a4a4ee9
Link to what it means to be "privileged" docker container (#8260) 2022-10-18 17:08:52 +00:00
Mo Zhu
ee6cf920d7
new example query for arp_cache (#8273) 2022-10-18 17:08:38 +00:00
Guillaume Ross
f3f7f28e76
Adding examples (#8255)
Adding 6 examples related to Docker tables, and adding a period at the end of the example on crontabs.
2022-10-17 18:48:04 +00:00
Eric
dfadfa294d
merge file table overrides (#8231) 2022-10-14 16:25:56 -04:00
Eric
2baf6bcbcf
update keychain_acls and account_policy_data examples (#8201) 2022-10-12 17:31:26 -05:00
Mike McNeil
20d617ee67
Fix typo in keychain_items table schema (#8179)
* Define "certificate authorities" + normalize capitalization

* Fix typo in keychain_items table schema

* Maybe a bad character?

* Fixing problematic comma

Co-authored-by: Guillaume Ross <guillaume@fleetdm.com>
2022-10-12 12:17:03 -04:00
Guillaume Ross
eadb3b1081
Adding 6 example queries! (#8165)
* Adding 6 example queries!

* Adding alf_explicit_auths + a note about a current bug with it

* Reverting sailsrc changes
2022-10-12 11:13:44 -04:00
Mike McNeil
60a9e4de80
Define "certificate authorities" + normalize capitalization (#8118) 2022-10-07 09:22:35 -04:00
Eric
8fecef3ed5
Update merged schema helper and script. (#8092)
* update helper to use the osquery schema from the osquery/osquery-site repo

* update script description and generated json filename

* Add ritual to digital experience handbook

* add merged schema

* Update README.md

* Update get-extended-osquery-schema.js
2022-10-05 15:10:08 -05:00
Mo Zhu
1592309f7a
Specify where docker_volumes.name comes from. (#8075)
* Update fleet_schema.json

* Make description uppercase.

Co-authored-by: Guillaume Ross <guillaume@fleetdm.com>

Co-authored-by: Guillaume Ross <guillaume@fleetdm.com>
2022-10-04 12:49:56 -07:00
Mo Zhu
3b7926a6b3
Account policy data example query (#8070)
* query for checking for brute force intrusion attempts

* Fixing query

Co-authored-by: Guillaume Ross <guillaume@fleetdm.com>
2022-10-04 08:50:41 -07:00
Guillaume Ross
b77113b1b5
Adding a bunch of examples (#8028)
* Adding a bunch of examples

Adding a bunch of examples and fixing missing trailing `;`s in existing ones

* Delete .sailsrc

Added .sailsrc accidentally from building locally

* Replaced sailsrc with original content

* Fixed typo in table name

* Undoing .sailsrc again

Ooops!
2022-10-03 11:32:03 -04:00
Eric
9dbf84fb4b
Website: Add pages for schema tables (#7679)
* add osquery tables page

* update build script, add fleet schema folder

* update layout and page script

* add edit-page button, search, remove test attribute from fleet schema

* update styles

* syntax highlighting, update highlight.js, adjust layout

* lint fixes

* Update view-osquery-tables.js

* requested changes from 1:1

* requested changes

- Rename osquery-tables to osquery-table-details & update routes and policies
- Update wildcard input and tables details route
- Fix lint error
- adjust self-calling functions in page script
- rename function and adjust the order of functions in page script

* add osquery tables to builtStaticContent.markdownPages

* update schema folder readme

* add redirect for /tables

* update table input

* remove comment from stylesheet, update syntax highlighting, use variable names from colors.less

* update inputs in view action

* Updates from PR review

* fix lint error

* update syntax highlighting, table page styles

* Update build-static-content.js

* requested changes from code review

* Update build-static-content.js

* fix build script error

* remove string.replaceAll()

Co-authored-by: Mike Thomas <78363703+mike-j-thomas@users.noreply.github.com>
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2022-09-23 19:06:55 -05:00