I see just about 300 in active test within our inf...
# generalt
theopolis
02/06/2018, 2:20 AM
I see just about 300 in active test within our infra, which is very low, and @obelisk is the point person on if/where we'll be testing. But for those with audit usage, it is highly recommended to update and test! and we will love you forever if you do
j
jaredl
02/06/2018, 2:46 AMHey @theopolis - I’m totally up for testing in our dev environment. Just to make sure I followed correctly, I should give https://osquery-packages.s3.amazonaws.com/rpm/osquery-3.0.0-1.linux.x86_64.rpm a shot?
t
theopolis
02/06/2018, 5:49 AM
Woot woot, yes please!
j
jaredl
02/06/2018, 6:54 PMHey @theopolis - Just deployed 3.0.0, seems sane but, nothing better in regards to the audit bits. I checked out the
3.0.0jaredl
02/06/2018, 6:55 PMMore specifically, looks like the commits in https://github.com/facebook/osquery/pull/3492 didn’t make it into the
3.0.0t
theopolis
02/06/2018, 6:57 PM
wow
theopolis
02/06/2018, 6:58 PM
trying to understand past me's thinking here
j
jaredl
02/06/2018, 6:58 PMhaha it’s all good
t
theopolis
02/06/2018, 6:58 PM
regardless, I can tag a 3.1.0 just after the audit stuff
theopolis
02/06/2018, 6:59 PM
will be ready to rock first thing in the morning
j
jaredl
02/06/2018, 7:03 PMSounds good, I’ll give it a whirl tomorrow
jaredl
02/07/2018, 1:29 PMHey @theopolis - Did you get a chance to cut the 3.1.0 release? I noticed that https://osquery-packages.s3.amazonaws.com/rpm/osquery-3.1.0-1.linux.x86_64.rpm errors and didn’t see the release on https://github.com/facebook/osquery/releases (not sure if you’re actually doing that part for this or not).
jaredl
02/08/2018, 3:47 PMHey @theopolis - I see that https://github.com/facebook/osquery/releases/tag/3.1.0 is cut! \o/ however, I don’t thing the RPM is built yet https://osquery-packages.s3.amazonaws.com/rpm/osquery-3.1.0-1.linux.x86_64.rpm . Any idea when that might be available?
t
theopolis
02/09/2018, 3:49 PM
uploaded!
j
jaredl
02/09/2018, 5:01 PMyay! Will give it a whirl today!
metal 1
t
theopolis
02/09/2018, 6:57 PM
sorry, didn't realize they hadn't finished uploading
theopolis
02/09/2018, 6:57 PM
theopolis
02/09/2018, 6:57 PM
should be there
j
jaredl
02/09/2018, 6:58 PMPerfect, is that just for CentOS 7 or does it work for CentOS 6 as well?
jaredl
02/09/2018, 6:58 PM(usually I use https://osquery-packages.s3.amazonaws.com/rpm/osquery-3.1.0-1.linux.x86_64.rpm) which will have SystemD’s unit file and the sysvinit script if I’m remembering correctly
jaredl
02/09/2018, 6:59 PMAh sweet, this has both, works for me, will throw it to dev and see what explodes, thanks @theopolis!
4 Views