steampipe-plugin-sdk | OSQuery
---|---
9 | 44
29 | 21,361
- | 0.5%
9.1 | 8.8
7 days ago | 4 days ago
Go | C++
Apache License 2.0 | GNU General Public License v3.0 or later
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
steampipe-plugin-sdk
- Zero-ETL for Postgres: Live-query cloud APIs with 100 open source FDWs
- Steampipe Hacktoberfest 2023
  🔧 The CLI is written in Go, as well as the Steampipe Plugins connecting to various APIs like AWS, GitHub, Zoom, Reddit, and 130+ more. https://hub.steampipe.io/plugins
- Cloudquery, Resoto, Steampipe, or Airbyte?
  It's fully open source with a thriving community of users and contributors. As of today, there are 111 plugins (including AWS & Azure). We also have thousands of open source queries, security benchmarks, resource graphs and dashboards available out of the box as mods. See the Steampipe Hub for full docs and details.
- Steampipe vs aws security hub
  Steampipe is free, open source. It's a CLI used to SQL query & report across all your cloud APIs & data sources (e.g. AWS, GitHub, Slack, Kubernetes, Terraform, etc) along with a dashboards-as-code capability to run automated security & compliance benchmarks. Allows you to simply query & report without the overhead for log ingestion, ETL or a DB.
- Need to audit an Azure environment, any tip?
  For some background, the Steampipe CLI provides an open source, common SQL interface to query join and report from your cloud APIs (e.g. Azure, AWS, GitHub, AzureAD, M365, etc).
- Enrich Splunk events with Steampipe
  Not the author, but a big fan of steampipe. You can use this example as a starting point to write integrations with a number of other services that are supported by steampipe plugins.
- Use SQL to query Microsoft 365 drive files, mail messages, team members and more (new open source project)
  Since Steampipe provides a common SQL interface across plugins, there could be interesting 'joins' that you can do for querying & reporting -- any interesting joins you would consider across SPO, M365 or other plugins?
- Steampipe (CLI to query APIs with SQL) is participating in Hacktoberfest 2022!
  The CLI is written primarily in Go, as well as its plugins (e.g. AWS, GitHub, Slack, Zoom, Reddit, etc): https://hub.steampipe.io/plugins. You can extend an existing plugin by adding new 'tables', or you can write your own plugin for your favorite cloud service.
- Steampipe – Select * from Cloud;
OSQuery
- Ask HN: SQLite in Production?
  Perhaps the OP means OsQuery: https://github.com/osquery/osquery
  OsQuery is an SQLite extension consisting of hundreds of virtual tables
- Osquery: An sqlite3 virtual table exposing operating system data to SQL
  There's at least one open data quality issue for `process_open_sockets` on macOS[1]. It's a few years old however and, if you aren't seeing that casting error, you probably aren't hitting it. But that's a good example of the kind of debt that's been built up over time.
  (In terms of general purpose/flexible tooling, I'm not aware of a close replacement for osquery.)
  [1]: https://github.com/osquery/osquery/issues/6319
- SQLite virtual table to query operating system data via SQL
- Show HN: Natural Language to SQL "Text-to-SQL" API by Dataherald
  The largest we have successfully deployed is on the OSQuery schema https://osquery.io/ which is 277 tables and lots of business context (malwares, vulnerabilities, Windows registry keys, etc).
- Alternative to Endpoint Protector?
  From a self hosted standpoint OSQuery or Wazuh are your best bets for monitoring USB devices. Windows makes blocking really challenging and I’m not aware of any “free” solutions that attempt it.
- Firewall rules beyond "deny incoming, enable only the ports that you need"
  Configure auditd to monitor host activity: https://izyknows.medium.com/linux-auditd-for-threat-detection-d06c8b941505 or osquery: https://osquery.io/ (or similar software: filebeat for example).
- Craziest thing I ever used SQLite for: partial file deduplication
- Best Websites For Coders
  OS Query : Easily ask questions about your Linux, Windows, and macOS infrastructure
- Tool that let you know see EXE file on multiple PC?
  Osquery + Fleet. https://osquery.io/ https://fleetdm.com/, using the two allows you to build a query to answer whatever questions you (or an auditor) might have about your environment.
- Osquery: SQL powered operating system instrumentation
What are some alternatives?
steampipe-plugin-aws - Use SQL to instantly query AWS resources across regions and accounts. Open source CLI. No DB required.
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
better-sql - Generate sql query from a concise query syntax inspired from EdgeDB and GraphQL
OSSEC - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
steampipe - Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.
falco - Cloud Native Runtime Security
steampipe-plugin-jira - Use SQL to instantly query Jira. Open source CLI. No DB required.
lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
steampipe-plugin-tailscale - Use SQL to instantly query Tailscale resources. Open source CLI. No DB required.
Suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
steampipe-mod-aws-thrifty - Are you a Thrifty AWS dev? This mod checks your AWS accounts for unused and under-utilized resources using Powerpipe and Steampipe.
SaltStack - Software to automate the management and configuration of any infrastructure or application at scale. Get access to the Salt software package repository here: