3/28/2023

Doorman osquery

osquery's remote configuration and logger plugins are completely optional. The default built-in plugins receive and report via URI endpoints. osquery provides somewhat flexible node (the machine running osquery) authentication and identification through an 'enrollment' concept.

The remote settings and plugins are mostly provided as examples. It is best to write custom plugins that implement specific web services or integrations. The remote settings use many additional CLI flags for configuring the osquery clients; they are mostly organized under the Remote Settings heading.

The most important differentiator from the filesystem suite of plugins is an authentication (and enrollment) step. Machines running osqueryd processes are called nodes and must authenticate to the remote server for every config retrieval and log submission request.

The initial step is called an "enroll step" and, in the case of tls plugins, uses an implicit enroll plugin, also called tls. If you enable either the config or logger tls plugin, the enrollment plugin will turn on automatically. Enrollment provides an initial secret to the remote server in order to negotiate a private node secret used for future identification:

1. Configure a target -tls_hostname, -enroll_tls_endpoint.
2. Configure a proxy -proxy_hostname (Optional Step).
3. Place your server's root certificate authority's PEM-encoded certificate into a file, for example /path/to/server-root.pem and configure the client to pin to these roots: -tls_server_certs=.
4. Submit an -enroll_secret_path, an -enroll_secret_env, or use TLS-client authentication, to the enroll endpoint.
5. Receive a node_key and store within the node's persistent storage (RocksDB).
6. Make config/logger requests while providing node_key as identification/authentication.

The validity of a node_key is determined and implemented in the TLS server. The node will request the key during an initial enroll step, then post the key during subsequent requests for config or logging.

Note: -proxy_hostname is used to communicate via proxy server.
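The enrollment exchange above, seen from the server side, as an added example (not code from osquery or Doorman). The class name, the in-memory key store and the sample secret are assumptions; the JSON field names enroll_secret, host_identifier, node_key and node_invalid follow osquery's remote API.

```python
import hmac
import secrets

ENROLL_SECRET = "constructed-enroll-secret"  # constructed sample value


class EnrollmentServer:
    """Hypothetical in-memory model of a TLS server's enroll and config endpoints."""

    def __init__(self, enroll_secret):
        self._enroll_secret = enroll_secret.encode()
        self._nodes = {}  # node_key -> host_identifier

    def enroll(self, request):
        """Enroll step: exchange the shared enroll secret for a private node_key."""
        offered = request.get("enroll_secret")
        host = request.get("host_identifier")
        if not isinstance(offered, str) or not isinstance(host, str) or not host:
            return {"node_invalid": True}
        # Constant-time comparison so response timing does not leak the secret.
        if not hmac.compare_digest(offered.encode(), self._enroll_secret):
            return {"node_invalid": True}
        # Re-enrolling a host retires any key it held before.
        self._nodes = {k: h for k, h in self._nodes.items() if h != host}
        node_key = secrets.token_urlsafe(32)  # unguessable, unrelated to the secret
        self._nodes[node_key] = host
        return {"node_key": node_key, "node_invalid": False}

    def config(self, request):
        """Config request: only the server decides whether a node_key is valid."""
        node_key = request.get("node_key")
        if not isinstance(node_key, str) or node_key not in self._nodes:
            # node_invalid tells the client to drop its stored key and re-enroll.
            return {"node_invalid": True}
        return {"node_invalid": False, "schedule": {}}  # empty constructed config

    def revoke(self, host_identifier):
        """Server-side revocation: the host's node_key stops working at once."""
        before = len(self._nodes)
        self._nodes = {k: h for k, h in self._nodes.items() if h != host_identifier}
        return before - len(self._nodes)
```

Because validity lives entirely in the server, revoking a host or rotating the enroll secret needs no change on the node; the next request simply comes back with node_invalid set.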