mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-06 09:12:45 +01:00
30 lines
1.1 KiB
Plaintext
30 lines
1.1 KiB
Plaintext
apiVersion: v1
|
|
kind: options
|
|
spec:
|
|
config:
|
|
decorators:
|
|
always:
|
|
- SELECT codename FROM os_version;
|
|
- SELECT uuid AS LiveQuery FROM system_info;
|
|
- SELECT address AS EndpointIP1 FROM interface_addresses where address not
|
|
like '%:%' and address not like '127%' and address not like '169%' order by
|
|
interface desc limit 1;
|
|
- SELECT address AS EndpointIP2 FROM interface_addresses where address not
|
|
like '%:%' and address not like '127%' and address not like '169%' order by
|
|
interface asc limit 1;
|
|
- SELECT hardware_serial FROM system_info;
|
|
- SELECT hostname AS hostname FROM system_info;
|
|
options:
|
|
decorations_top_level: true
|
|
disable_distributed: false
|
|
distributed_interval: 10
|
|
distributed_plugin: tls
|
|
distributed_tls_max_attempts: 3
|
|
distributed_tls_read_endpoint: /api/v1/osquery/distributed/read
|
|
distributed_tls_write_endpoint: /api/v1/osquery/distributed/write
|
|
logger_plugin: tls
|
|
logger_tls_endpoint: /api/v1/osquery/log
|
|
logger_tls_period: 10
|
|
pack_delimiter: _
|
|
overrides: {}
|