Doorman is an osquery fleet manager that allows administrators to remotely manage the osquery configurations retrieved by nodes. Administrators can dynamically configure the set of packs, queries, and/or file integrity monitoring target paths using tags. Doorman takes advantage of osquery's TLS configuration, logger, and distributed read/write endpoints to give administrators visibility across a fleet of devices with minimal overhead and intrusiveness.

At a glance

Doorman makes extensive use of tags. A node's configuration is dependent on the tags it shares with packs, queries, and/or file paths. As tags are added and/or removed, a node's configuration will change.

For example, it's possible to assign a set of packs and queries a baseline tag. To ensure all nodes then receive this baseline configuration, you simply assign the baseline tag to the nodes you wish to include.

Click on any node to view its recent activity, original enrollment date, time of its last check-in, and the set of packs and queries that are configured for it. This view provides an "at-a-glance" view on the current state of a node.

With Doorman, you can distribute ad-hoc queries to one, some, or all nodes. A distributed query's status in Doorman is tracked based on whether the node has picked up the query and/or returned its results.

If you're not acting on the information you collect, what's the point? Doorman allows fleet managers to configure custom rules to trigger alerts on specific events (for example, an unauthorized browser plugin is installed, or a removable USB storage device is inserted). Doorman allows building complex rule sets that can use arbitrary boolean logic and a variety of operators to test the results of a query. For example:

Doorman supports alerting via the following methods:

Doorman is intended to be configured to receive results from nodes via the osquery TLS logging plugin. Results are saved in a Postgres database for easy access to recent events.