* Removing darwin from two tables
According to the osquery schema these two tables (secureboot and intel_me_info) do not support macOS.
* Removing darwin from yum_sources
This table is not compatible with macOS. Removing Darwin from the list of platforms.
* update to article submission guide
I made the following changes:
- I updated the guide to make it clear that submitting drafts as a Google Doc is the official article submission process.
- I did some housekeeping for improved clarity.
* Update handbook/digital-experience/how-to-submit-and-publish-an-article.md
* Create why-this-way.md
Moved "Why this way" to it's own page within Company handbook.
* Create development-groups.md
Added new page development-groups.md to Company handbook.
* Update README.md
Added space for Charlie to write summary for our new sections and add links to the nested pages.
* Update development-groups.md
Added meta tags to the page.
* Update why-this-way.md
* Update why-this-way.md
Changed head hierarchy to populate sub nav.
* preamble and links to sub pages
Co-authored-by: Mike Thomas <78363703+mike-j-thomas@users.noreply.github.com>
* Discover Python Packages from Running Python Interpreters documentation
* add hunting tag
Co-authored-by: Guillaume Ross <guillaume@binaryfactory.ca>
* Removed extra quote
Co-authored-by: Guillaume Ross <guillaume@binaryfactory.ca>
Co-authored-by: Guillaume Ross <guillaume@fleetdm.com>
* query for discovering TLS certs
* Update standard-query-library.yml
* Use Nabil as the contributor
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
* More accurate description of query purpose
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
* Guide for osquery event tables
* add list for how you can tell a table is evented
* Update osquery-evented-tables-overview.md
* Update osquery-evented-tables-overview.md
* Update osquery-evented-tables-overview.md
* Update osquery-evented-tables-overview.md
* Update osquery-evented-tables-overview.md
* Include new information about the other tables
* Clarify how audit works w/r/t data storage
* macOS and Linux
* specify flags for user_interaction_events table
* remove screenshot image
* remove subbullets in TOC
* redefine utility
* memtion openbsm is deprecated
* fix TOC links
* add meta tags
Related to #7130, this adds logic to retry native notarization up to three times if it fails for some reason.
Since we're adding retries in various places, I added a new package under pkg for this purpose.
* Mo == DRI of status of features table on pricing page
- CEO is DRI of pricing
- Mo is DRI of features table correctness
Input of many other contributors is important to both.
* Update CODEOWNERS
* Update CODEOWNERS
* Update custom.js
* Article: Osquery as a threat hunting platform
* Add .md to title
We need to define the file type in the title. These articles are structured in markdown, so we add ".md" to the title.
* Add metadata
Reminder to change publishing date and article image once we have it.
* Making copy less formal
Simplified language and provided more context for osquery being a lightweight agent.
* Add images and meta tags
I made the following updates to this article:
- Added images.
- Updated category to "Security".
* Osquery threat hunting article revisions.md
Revised copy for simplicity and flow. Added a link to the first podcast episode. Followed @mike-j-thomas's suggestion to mention value of osquery managers.
Co-authored-by: Andrew Baker <89049099+DrewBakerfdm@users.noreply.github.com>
Co-authored-by: Mike Thomas <mthomas@fleetdm.com>
- Clean up the top section
- Clean up queries section
- Update naming for the sub-sections in the "Organization settings" section
- Remove `single-file-configuration.yml` and files under `multi-file-configuration/`
- Remove testing section from product handbook
