Has anyone set up syslog ng w osquery I m following this to osquery #general

Has anyone set up syslog-ng w/ osquery? I'm follo...

Zach Zeid

12/11/2020, 2:37 PM

Has anyone set up syslog-ng w/ osquery? I'm following this to some extent (https://linoxide.com/monitoring-2/setup-osquery-monitor-security-threat-ubuntu/) but I'm not really seeing anything in

/var/osquery/syslog-pipe

or from

select * from syslog;

in osquery.

Zach Zeid

12/11/2020, 5:51 PM

tl;dr: selinux was enabled when I thought it wasn't.

3 Views