Found a few typos before publishing on socials - fixed
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
adding new article for splunk , osquery, mitre attck
---------
Co-authored-by: Dave Herder <dave@fleetdm.com>
Co-authored-by: Andrew Baker <89049099+DrewBakerfdm@users.noreply.github.com>
Co-authored-by: Eric <eashaw@sailsjs.com>
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
Co-authored-by: Eric <eashaw@sailsjs.com>
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Changed some wording under "Deployments" to remove confusion, and
updated instructions for "Prepare the database" to better reflect the
previous outputs from the terraform apply.
Co-authored-by: Katheryn Satterlee <me@ksatter.com>
* Update deploying-fleet-on-aws-with-terraform.md
Changed title to be consistent with other deployment guides.
* Update deploying-fleet-on-render.md
Changed title to be consistent with other deployment guides.
* Update deploy-fleet-on-hetzner-cloud.md
Changed title to remove the ampersand and make "Cloud-init" lowercase.
* Remove email address for redudancy
Call to actions at the bottom of the page offer better forms of communication to join the community, trial Fleet, or ask questions.
* Remove email mention
* Remove email mention
* Remove email mention
* Fleet podcast episode 7 images upload
* Initial article post
Still need to update podbean links once available
* Removing due to incorrect title
* Removing due to incorrect title
* Reuploading correct thumbnails
* Update the-future-of-device-management-ep7.md
* Updated podbean link
* Unused image - removing
* Update articles/the-future-of-device-management-ep7.md
Co-authored-by: Chris McGillicuddy <108031970+chris-mcgillicuddy@users.noreply.github.com>
* Update articles/the-future-of-device-management-ep7.md
Co-authored-by: Chris McGillicuddy <108031970+chris-mcgillicuddy@users.noreply.github.com>
* Update the-future-of-device-management-ep7.md
* Update articles/the-future-of-device-management-ep7.md
Co-authored-by: Chris McGillicuddy <108031970+chris-mcgillicuddy@users.noreply.github.com>
Co-authored-by: Chris McGillicuddy <108031970+chris-mcgillicuddy@users.noreply.github.com>
* update deployment guide and add additional descriptions/comments for terraform resources
* add architecture diagram to deployment guide
* cleaning up more terraform deployment documentation
- Rename "Osquery logs" page to "Log destinations"
- Use exact product names in the log destination docs
- Move anchor links to the top of the page so that fleetdm.com/docs/log-destinations renders a sidebar
* Create zero-trust-attestation-with-fleet
* Added images
I made the following changes:
- added .md file extension
- added artwork for the article
* Image update
- updated thumbnail image
- moved position of zero touch diagram
* Added file extension
* Added revisions from Google doc
Incorporated revisions I had been discussing with Mo.
Co-authored-by: Mike Thomas <mthomas@fleetdm.com>
Co-authored-by: Chris McGillicuddy <108031970+chris-mcgillicuddy@users.noreply.github.com>
* Article: osquery vulnerability management at scale
Zach's presentation from osquery@scale September 2022. Slides are embedded in the article. Video will be added when available.
* Add embed for google slides presentation
* Update osquery-vulnerability-management-at-scale.md
Added link to osquery@scale website. Removed placeholder hero image.
* Add thumbnail image
- added a thumbnail image
- changed "Osquery" to "osquery"
* Updated intro and publication date
Co-authored-by: Andrew Baker <89049099+DrewBakerfdm@users.noreply.github.com>
Co-authored-by: Mike Thomas <mthomas@fleetdm.com>
* Guide for osquery event tables
* add list for how you can tell a table is evented
* Update osquery-evented-tables-overview.md
* Update osquery-evented-tables-overview.md
* Update osquery-evented-tables-overview.md
* Update osquery-evented-tables-overview.md
* Update osquery-evented-tables-overview.md
* Include new information about the other tables
* Clarify how audit works w/r/t data storage
* macOS and Linux
* specify flags for user_interaction_events table
* remove screenshot image
* remove subbullets in TOC
* redefine utility
* memtion openbsm is deprecated
* fix TOC links
* add meta tags
* Article: Osquery as a threat hunting platform
* Add .md to title
We need to define the file type in the title. These articles are structured in markdown, so we add ".md" to the title.
* Add metadata
Reminder to change publishing date and article image once we have it.
* Making copy less formal
Simplified language and provided more context for osquery being a lightweight agent.
* Add images and meta tags
I made the following updates to this article:
- Added images.
- Updated category to "Security".
* Osquery threat hunting article revisions.md
Revised copy for simplicity and flow. Added a link to the first podcast episode. Followed @mike-j-thomas's suggestion to mention value of osquery managers.
Co-authored-by: Andrew Baker <89049099+DrewBakerfdm@users.noreply.github.com>
Co-authored-by: Mike Thomas <mthomas@fleetdm.com>
* Create introducing-sandbox:-the-fastest-way-to-play-with-fleet.md
* Update articles/introducing-sandbox:-the-fastest-way-to-play-with-fleet.md
Co-authored-by: Chris McGillicuddy <108031970+chris-mcgillicuddy@users.noreply.github.com>
* added image and video
- added image and video
- updated meta tags
* Update introducing-sandbox:-the-fastest-way-to-play-with-fleet.md
- removed comma from meta tag title
* Rename file, update quotation marks
Co-authored-by: Chris McGillicuddy <108031970+chris-mcgillicuddy@users.noreply.github.com>
Co-authored-by: Mike Thomas <mthomas@fleetdm.com>
Co-authored-by: Eric <eashaw@sailsjs.com>
- Update "Learn how to use Fleet" docs page to walk a Fleet Sandbox user through adding their device and running a query
- Add a "Get operating system information" query to standard query library for the "Learn how to use Fleet" walkthrough
- Update Fleet's top level README to point users who want to try Fleet to Fleet Sandbox
- Update "How to install osquery..." (macOS, Windows, Linux) blog posts to point users who want to try Fleet to Fleet Sandbox
- Move `fleetctl preview` questions to "Contributing" FAQ section in docs. This is because `fleetctl preview` is now a testing tool for Fleet contributors
- Update "Deploying" docs to point users who want to try Fleet to Fleet Sandbox
