Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- {
- "options": {
- // "config_plugin": "filesystem",
- // "logger_plugin": "filesystem",
- //"logger_path": "/var/log/osquery",
- //"disable_logging": "false",
- //"schedule_splay_percent": "10",
- //"database_path": "/var/osquery/osquery.db",
- //"disable_tables": "foo_bar,time",
- "host_identifier": "hostname",
- "schedule_splay_percent": "10",
- "utc": "true"
- },
- "schedule": {
- "system_info": {
- "query": "SELECT hostname, cpu_brand, physical_memory FROM system_info;",
- "interval": 3600
- }
- },
- "packs": {
- "osquery-monitoring": "/usr/share/osquery/packs/osquery-monitoring.conf",
- "incident-response": "/usr/share/osquery/packs/incident-response.conf",
- "it-compliance": "/usr/share/osquery/packs/it-compliance.conf",
- // "osx-attacks": "/usr/share/osquery/packs/osx-attacks.conf",
- "vuln-management": "/usr/share/osquery/packs/vuln-management.conf",
- "hardware-monitoring": "/usr/share/osquery/packs/hardware-monitoring.conf",
- "ossec-rootkit": "/usr/share/osquery/packs/ossec-rootkit.conf"
- // "windows-hardening": "C:\\ProgramData\\osquery\\packs\\windows-hardening.conf",
- // "windows-attacks": "C:\\ProgramData\\osquery\\packs\\windows-attacks.conf"
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement