```osquery-repo ...
# generalp
Perk
09/21/2019, 11:41 PM Copy code
osquery-repo 81/81
Available Packages
Name : osquery
Arch : x86_64
Version : 4.0.1
Release : 1.linux
Size : 9.2 M
Repo : osquery-repo/x86_64
Summary : osquery is an operating system instrumentation toolchain.
License : Apache-2.0 OR GPL-2.0-only
Description : osquery is an operating system instrumentation toolchain.t
theopolis
09/22/2019, 12:28 AM
Hmm, there might be a CloudFront cache issue here, but I tried on Ubuntu:
Copy code
vagrant@ubuntu-bionic:~$ sudo apt-key adv --keyserver <http://keyserver.ubuntu.com|keyserver.ubuntu.com> --recv-keys $OSQUERY_KEY
Executing: /tmp/apt-key-gpghome.TPIzrl2sNv/gpg.1.sh --keyserver <http://keyserver.ubuntu.com|keyserver.ubuntu.com> --recv-keys 1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B
gpg: key 97A80C63C9D8B80B: public key "osquery (osquery) <osquery@fb.com>" imported
gpg: Total number processed: 1
gpg: imported: 1
vagrant@ubuntu-bionic:~$ sudo add-apt-repository 'deb [arch=amd64] <https://pkg.osquery.io/deb> deb main'
Hit:1 <http://security.ubuntu.com/ubuntu> bionic-security InRelease
Ign:2 <https://pkg.osquery.io/deb> deb InRelease
Get:3 <https://pkg.osquery.io/deb> deb Release [1432 B]
Get:4 <https://pkg.osquery.io/deb> deb Release.gpg [819 B]
Hit:5 <http://archive.ubuntu.com/ubuntu> bionic InRelease
Get:6 <https://pkg.osquery.io/deb> deb/main amd64 Packages [11.2 kB]
Hit:7 <http://archive.ubuntu.com/ubuntu> bionic-updates InRelease
Hit:8 <http://archive.ubuntu.com/ubuntu> bionic-backports InRelease
Fetched 13.5 kB in 1s (25.0 kB/s)
Reading package lists... Done
vagrant@ubuntu-bionic:~$ sudo apt-get install osquery
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
osquery
0 upgraded, 1 newly installed, 0 to remove and 232 not upgraded.
Need to get 9696 kB of archives.
After this operation, 28.2 MB of additional disk space will be used.
Get:1 <https://pkg.osquery.io/deb> deb/main amd64 osquery amd64 4.0.2-1.linux [9696 kB]
Fetched 9696 kB in 0s (22.9 MB/s)
Selecting previously unselected package osquery.
(Reading database ... 60451 files and directories currently installed.)
Preparing to unpack .../osquery_4.0.2-1.linux_amd64.deb ...
Unpacking osquery (4.0.2-1.linux) ...
Setting up osquery (4.0.2-1.linux) ...
2333
Processing triggers for ureadahead (0.100.0-20) ...
Processing triggers for systemd (237-3ubuntu10.3) ...theopolis
09/22/2019, 12:29 AM
(the repos should be up2date) if you are not seeing 4.0.2 then I can continue to investigate
theopolis
09/22/2019, 12:30 AM
just tried on a new CentOS7 machine and it similarly worked
p
Perk
09/22/2019, 2:14 AMSimilarly, as in it's at 4.0.1, or 4.0.2?
Perk
09/22/2019, 2:21 AM Copy code
-[root@]-[0.93/0.66/0.58]-17%-17d10h19m-2019-09-21T19:15:14-
-[~:#]- repoquery -q --qf="%{name} %{repoid} %{location}" osquery
osquery osquery-repo <https://s3.amazonaws.com/osquery-packages/centos7/x86_64/osquery-4.0.1-1.linux.x86_64.rpm>Perk
09/22/2019, 2:22 AM Copy code
-[root@]-[0.64/0.57/0.56]-17%-17d10h25m-2019-09-21T19:21:34-
-[~:#]- wget <https://s3.amazonaws.com/osquery-packages/centos7/x86_64/osquery-4.0.2-1.linux.x86_64.rpm>
--2019-09-21 19:21:44-- <https://s3.amazonaws.com/osquery-packages/centos7/x86_64/osquery-4.0.2-1.linux.x86_64.rpm>
Resolving <http://s3.amazonaws.com|s3.amazonaws.com> (<http://s3.amazonaws.com|s3.amazonaws.com>)... 52.216.101.181
Connecting to <http://s3.amazonaws.com|s3.amazonaws.com> (<http://s3.amazonaws.com|s3.amazonaws.com>)|52.216.101.181|:443... connected.
HTTP request sent, awaiting response... 404 Not Found
2019-09-21 19:21:44 ERROR 404: Not Found.t
theopolis
09/22/2019, 4:03 PM
I see the issue. I wasn't sure if anyone was using the old
centos7centos6 Copy code
curl -L <https://pkg.osquery.io/rpm/GPG> | sudo tee /etc/pki/rpm-gpg/RPM-GPG-KEY-osquery
sudo yum-config-manager --add-repo <https://pkg.osquery.io/rpm/osquery-s3-rpm.repo>
sudo yum-config-manager --enable osquery-s3-rpm
sudo yum install osqueryp
Perk
09/23/2019, 2:41 AMRock on, got it. Thank you!
❤️ 1
3 Views