![query osquery on another machine query osquery on another machine](https://st6.io/static/9a7becdca36fc4bad62ebbb26f677275/b297c/airtable-indeed-query.png)
I base this on findings from the SANS 2018 Survey on Endpoint Protection. Because guess what? It turns out you can throw all the endpoint++, machine learning, AI-based detection and prevention technology you want at your systems, but unless you’ve got 100% coverage, you still have risk. It isn’t easy-every time I open my Twitter feed, someone's going off about the latest open-source this and next-gen that. If you see him, tell him he owes me a chilled bottle of Loire Valley rosé and that I want my Smiths mixtapes back.Īs part of recent work within the Security Specialist team at Splunk, we’ve been taking a closer look at sources of endpoint data that we're seeing across our customer base. However, he asked me to come out of semi-retirement for this blog on osquery. He doesn’t understand that my current job at Splunk is to “manage” a bunch of security people-not to actively do hands-on experimentation and write up explanations of security-useful data sources.
![query osquery on another machine query osquery on another machine](https://www.windows-noob.com/forums/uploads/monthly_10_2014/post-1-0-28004000-1414274016.png)
QUERY OSQUERY ON ANOTHER MACHINE HOW TO
With that in mind, James goes over some interesting things he has found and how to do them! – Ryan KovarĪuthor's Note: Ryan Kovar is a taskmaster. However, along with its ability for real-time information pulls, it's also a phenomonal tool for logging. This series is now legally allowed to drink! (Which is relevent when dealing with James Brodsky as a contributing author.) osquery has quickly become one of the most used resources for gathering data on *nix and MacOSs. This blog post is part twenty-one of the " Hunting with Splunk: The Basics" series.