Changes:
- Added a "MDM required" tag to the queries in the standard query
library that use the `managed_policies` table.
- Updated the build script to add a `requiresMdm` value to queries added
to `builtStaticContent.queries`, and to set it to true if a query has
the "MDM required" tags
- Updated the `/queries` page to add a "Requires MDM" badge to queries
that have `requiresMdm: true`
. . .
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
* Update "No 1Password recovery kits..." policy
- Update policy in standard query library shown on fleetdm.com
- Update policy in standard templates shown in Fleet UI
* Update policy template shown in UI
* Commit Sharvil's exits to standard query library
* Commit Sharvil's edits to policy templates
* Discover Python Packages from Running Python Interpreters documentation
* add hunting tag
Co-authored-by: Guillaume Ross <guillaume@binaryfactory.ca>
* Removed extra quote
Co-authored-by: Guillaume Ross <guillaume@binaryfactory.ca>
Co-authored-by: Guillaume Ross <guillaume@fleetdm.com>
* query for discovering TLS certs
* Update standard-query-library.yml
* Use Nabil as the contributor
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
* More accurate description of query purpose
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
- Remove "[CIS x.x.x]" tags from product
- Add "CIS" tag to all policies in the standard query library on fleetdm.com
- Remove duplicate "Guest users"policy
- Update language in policies' names and descriptions to be consistent
* Adding CIS 1.5 / 1.6 / 2.2.1 to constants.ts
* Adding CIS 1.5 / 1.6 / 2.2.1 to standard query library
* Adding 2.3.1
* Adding 2.3.1 to query library and 2.4.2 to both
* Adding 2.4.10
* Tagging 2.5.1.1
* Tagging 2.5.2.1
* Tagging 2.5.2.2
* Adding 2.5.6
* Adding 2.6.1.4
* Adding 3.6
* Tagging 5.1.2
* Tagging 5.2.2
* Tagging 5.8
The query we have for the screen lock is comprehensive and covers more than one CIS requirement
* Adding 6.1.3 and 6.1.4
- Update "Learn how to use Fleet" docs page to walk a Fleet Sandbox user through adding their device and running a query
- Add a "Get operating system information" query to standard query library for the "Learn how to use Fleet" walkthrough
- Update Fleet's top level README to point users who want to try Fleet to Fleet Sandbox
- Update "How to install osquery..." (macOS, Windows, Linux) blog posts to point users who want to try Fleet to Fleet Sandbox
- Move `fleetctl preview` questions to "Contributing" FAQ section in docs. This is because `fleetctl preview` is now a testing tool for Fleet contributors
- Update "Deploying" docs to point users who want to try Fleet to Fleet Sandbox
* Adding password policy query to the default library
Adding a built-in policy to check the minimum password length on macOS using the recently released password_policy table.
* Addding osquery minimum version + adding query to constants.ts
* Adding policy query to check firewall on Mac
This commit closes https://github.com/fleetdm/confidential/issues/1410 once merged.
* Adding policies
This commit closes https://github.com/fleetdm/confidential/issues/1412. Right now there is no way to check the screenlock so instead we check if a profile for screenlock is there.
https://github.com/fleetdm/confidential/issues/1410 also closed by this.
* Update constants.ts
Fixed space
* Resolution text fix for new policies
Fixed copy based on @zhumo's comments!
* Screen lock policy
Adding a policy to check if the inactivity timeout is enabled on Windows and set to 1800 seconds or less (30min)
* Update constants.ts
Fix identation
* Update Windows screen lock policy
Changed wording from "administrator" to "IT administrator" in both files.
* App up to date or not installed
Adding "App installed and up to date OR not present" example
* Removed empty last line
* Update standard-query-library.yml
Added right descriptions and resolution for the Docker example, and added a new query to detect unencrypted SSH keys.
* Update docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
* Update docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
* Update docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
* Update standard-query-library.yml
Updated as per @noahtalerman's review
* Update docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
* Renaming files and a lot of find and replace
* pageRank meta tags, sorting by page rank
* reranking
* removing numbers
* revert changing links that are locked to a commit
* update metatag name, uncomment github contributers
* Update basic-documentation.page.js
* revert link change
* more explicit errors, change pageOrderInSection numbers, updated sort
* Update build-static-content.js
* update comment
* update handbook link
* handbook entry
* update sort
* update changelog doc links to use fleetdm.com
* move standard query library back to old location, update links/references to location
* revert unintentional link changes
* Update handbook/community.md
Co-authored-by: Mike Thomas <78363703+mike-j-thomas@users.noreply.github.com>
Co-authored-by: Mike Thomas <78363703+mike-j-thomas@users.noreply.github.com>
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
On website + constants.ts. Does not support all Linux encryption scenarios, we will add more to this query as we discover the patterns people need.
Closes#4208
