Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Powered by
Title
p
pirxthepilot
07/26/2018, 8:44 PM
@Zameer
you first need to configure the files and directories you want to monitor:
https://github.com/kolide/fleet/blob/master/docs/api/README.md#file-integrity-monitoring
z
Zameer
07/27/2018, 1:22 PM
HI pirxthepilot- the document looks complex to me to understand. Can you please send me the steps to do it?
followed the steps, the results are nil
p
pirxthepilot
07/27/2018, 6:16 PM
Actually if you have kolide 2.0+ you might be able to use
fleetctl
https://github.com/kolide/fleet/tree/master/docs/cli
there's a bit on FIM config here:
https://github.com/kolide/fleet/blob/master/docs/cli/setup-guide.md
oops i meant
https://github.com/kolide/fleet/blob/master/docs/cli/file-format.md#osquery-configuration-options
the previous is for setting up the cli
z
Zameer
07/27/2018, 6:45 PM
gave a read. will try to execute it
2 Views
#kolide
Join Slack