Channels
doorman
infrastructure
random
zercurity
community-feeds
fleet-dev
code-review
queryhub
apple-silicon
carving
tls
fim
goquery
zentral
aws
querycon
golang
zeek
file-carving
fuzzing
auditing-warroom
linen-dev
fleetosquery
plugins
jobs
arm-architecture
darkbytes
process-auditing
uptycs
android_tests
selfgroup
vendor-feeds
fleet
eclecticiq-polylogyx-extension
ebpf
website
core
general
macos
kolide
osctrl
extensions
foundation
sql
officehours
linux
windows
Title
h
hilt
05/26/2021, 1:07 AMBig news https://www.elastic.co/blog/whats-new-elastic-security-7-13-0 osquery fleet manager built into elastic
🎉 5
😮squery: 3
z
zwass
05/26/2021, 1:58 AMNice, I spoke to Elastic about their plans around this a while ago. I wonder if we'll start seeing them involved in the community? Would be very curious to hear anyone's experience if you try it out.
h
hilt
05/26/2021, 3:42 AMI’ll be trying it out soon
a
Artem
05/26/2021, 8:47 AMHello! Do you know which elastic license type need for this?
h
hilt
05/26/2021, 8:48 AMI just tried it on standard and it worked
👍 1
this is going to remove a huge pain point for me - the infrastructure side isn’t too bad but massaging osquery data has been awful - this, along with schema on read will be massive
j
Jamie Butler
05/26/2021, 12:34 PMI work at Elastic on Elastic Security and would love to get your thoughts on the integration with osquery.
a
Artem
05/26/2021, 4:11 PMIt would be great if the Elastic Agent could send data not only directly to Elasticsearch, but also through Logstash or the new Fleet. So far, this is the only thing that keeps from full-scale testing of the agent. We are interested in using Osquery on both user and server infrastructures, but we don’t want to open Elasticsearch to the entire infrastructure.
b
Braden
05/26/2021, 5:11 PMHi @Artem - thank you for the feedback (I am a PM on the Elastic Security team) Leveraging logstash pipelines are on our near term priority list.