I'm not sure if it is going to work, since the Zee...
# zeeka
alessandrogario
01/28/2020, 11:04 AM
I'm not sure if it is going to work, since the Zeek Agent calls the table generate() directly
z
zwass
01/28/2020, 5:51 PM
Ah okay well at least we'll have it in osquery core. Maybe Zeek can use the osquery core code once it's there.
a
alessandrogario
01/28/2020, 5:57 PM
Zeek Agent redefines osquery tables in its own sqlite db instance, so I'm not sure how to show non-table stuff outside osquery
z
zwass
01/28/2020, 5:58 PM
Our priority right now is to get it implemented in osquery. Will be nice if Zeek can integrate somehow.
👍 1
a
alessandrogario
01/28/2020, 5:58 PM
best approach is probaby to implement it directly within Zeek Agent so that it will work with both osquery and built-in tables
4 Views