is there already a roadmap for features to be implemented?
11/06/2020, 8:12 PM
Not yet, and we are interested in what the community and potential customers are looking for.
Here are some informal thoughts of things that I believe will benefit folks:
- One agent to rule them all. We want to provide (or allow users to build) any security/it/compliance monitoring they need by deploying a single agent (osquery).
- Build alerting and enrichment into Fleet so that queries can be defined along with the alerts and enrichment (thinking to evolve the yaml format to support some of these things).
- Make it easier to deploy and update osquery, and extensions.
- Build a datastore tailored to storing information logged from osquery (not competing with Splunk/ELK for longer term storage, but making the management and querying of "facts" available from osquery more efficient).
- Fine grained authorization that allows exposing the capabilities of Fleet to more of the organization without compromising security/stability.
- Privacy and user respect is important - Expose a UX for endpoint users to understand how/what data is being collected from their devices.
Do these things resonate with you? What are your needs?
11/07/2020, 1:36 AM
those are interesting, I think a very needed feature is about the granular access to the tables, but I am not sure if it is something to implement in osquery directly or in the fleet
11/09/2020, 10:57 AM
configurable via labels (as opposed to platform) would be super neat.
11/09/2020, 2:04 PM
Labels configurable based on enroll secret
11/09/2020, 6:03 PM
Awesome thoughts! Overrides configurable via labels is something the team will discuss further.
Creating labels based on enroll secret is a feature the team would like to add. As mentioned in issue #2290 in kolide/fleet, we’re not able to prioritize this at the moment however, we’d love to review a PR.
We’re currently working to move all issues to the new fleetdm/fleet repo so we can continue the discussion there!