OSQuery
SaltStack
| | OSQuery | SaltStack |
|---|---|---|
| | 44 | 46 |
| Stars | 21,338 | 13,851 |
| Growth | 0.7% | 0.7% |
| Activity | 8.8 | 10.0 |
| | 3 days ago | 2 days ago |
| Language | C++ | Python |
| License | GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
OSQuery
-
Ask HN: SQLite in Production?
Perhaps the OP means OsQuery: https://github.com/osquery/osquery
OsQuery is an SQLite extension consisting of hundreds of virtual tables
-
Osquery: An sqlite3 virtual table exposing operating system data to SQL
There's at least one open data quality issue for `process_open_sockets` on macOS[1]. It's a few years old however and, if you aren't seeing that casting error, you probably aren't hitting it. But that's a good example of the kind of debt that's been built up over time.
(In terms of general purpose/flexible tooling, I'm not aware of a close replacement for osquery.)
[1]: https://github.com/osquery/osquery/issues/6319
- SQLite virtual table to query operating system data via SQL
-
Show HN: Natural Language to SQL "Text-to-SQL" API by Dataherald
The largest we have successfully deployed is on the OSQuery schema https://osquery.io/ which is 277 tables and lots of business context (malwares, vulnerabilities, Windows registry keys, etc).
-
Alternative to Endpoint Protector?
From a self hosted standpoint OSQuery or Wazuh are your best bets for monitoring USB devices. Windows makes blocking really challenging and I’m not aware of any “free” solutions that attempt it.
-
Firewall rules beyond "deny incoming, enable only the ports that you need"
Configure auditd to monitor host activity: https://izyknows.medium.com/linux-auditd-for-threat-detection-d06c8b941505 or osquery: https://osquery.io/ (or similar software: filebeat for example).
- Craziest thing I ever used SQLite for: partial file deduplication
-
Best Websites For Coders
OS Query : Easily ask questions about your Linux, Windows, and macOS infrastructure
-
Tool that let you know see EXE file on multiple PC?
Osquery + Fleet. https://osquery.io/ https://fleetdm.com/, using the two allows you to build a query to answer whatever questions you (or an auditor) might have about your environment.
- Osquery: SQL powered operating system instrumentation
SaltStack
- Looking for a way to remote in to K's of raspberry pi's...
-
Salt Exporter: the story behind the tool
In the new style, when the tag is longer than 20 characters, an end of tag string is appended to the tag given by the string constant TAGEND, that is, two line feeds '\n\n'. When the tag is less than 20 characters then the tag is padded with pipes "|" out to 20 characters as before. When the tag is exactly 20 characters no padded is done. source: https://github.com/saltstack/salt/blob/master/salt/utils/event.py
-
Why would anyone need AD/AAD when you can manage devices through Saltstack?
https://github.com/saltstack/salt https://github.com/chocolatey/choco https://github.com/nextcloud https://github.com/authelia/authelia https://github.com/grafana/grafana
-
Is Chocolatey v2.0 now the stable CLI version?
SaltStack
-
Probably asked before, but any opinions on Ansible against Salt
One thing that really irks me about Salt, though, is that they are very slow to fix bugs. My Salt states are littered with workarounds for bugs that have been open for multiple years. Even in basic things, like ssh authorized_keys management. Other than bug velocity, though, I've been pretty pleased with Salt.
-
NetworkManager with salt
Here are several related GitHub issues: - https://github.com/saltstack/salt/issues/54791 - https://github.com/saltstack/salt/issues/57541 - https://github.com/saltstack/salt/issues/16089
-
What's new in Salt 3006 Sulfur LTS
For clarity, here's the issue: https://github.com/saltstack/salt/issues/64111
-
Someone needs to fork salt, VMware has all but abandoned it.
Nightly builds on supported branches & master running the full test suite, producing fully tested builds. https://github.com/saltstack/salt/actions/workflows/nightly.yml
- Salt issue on FreeBSD
-
What is going on? Someone is speaking to me in my head.
It's definitely some sort of AI script. Not this exactly, but something working off Python or scripts of that nature. https://github.com/saltstack/salt
What are some alternatives?
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Rundeck - Enable Self-Service Operations: Give specific users access to your existing tools, services, and scripts
OSSEC - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
Cloud-Init - unofficial mirror of Ubuntu's cloud-init
falco - Cloud Native Runtime Security
Ansible - Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy and maintain. Automate everything from code deployment to network configuration to cloud management, in a language that approaches plain English, using SSH, with no agents to install on remote systems. https://docs.ansible.com.
lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
kubernetes - Production-Grade Container Scheduling and Management
Suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
Nomad - Nomad is an easy-to-use, flexible, and performant workload orchestrator that can deploy a mix of microservice, batch, containerized, and non-containerized applications. Nomad is easy to operate and scale and has native Consul and Vault integrations.
Snort - Snort++
Docker Compose - Define and run multi-container applications with Docker