Project1 OSQuery

Thomsen Tech Journal

Partner: Abijah B.

Stated Goal of the Assignment

Your security engineering technical lead --has asked you to investigate a potential security tool called OSQuery. They have asked that you be prepared to demonstrate the application itself and its integration into the corporate EDR platform (wazuh). You are expected to demo your results to the full security engineering team in two weeks.

Useful Sources

List out any sources that were used or found to be helpful during the process.

• osquery

• wazuh.docs

• OSQuery

• install guide

• Classmate Paul

• OSquery examples

Steps from the Process that differ from the guides followed

Document any notes that were taken while working on the assignment.

• LabDocs 1P

• SubDocs + Video Link 1P

• Partner Git

Additional Notes

Include any additional notes or observations made while working on the assignment.

N/A

Troubles Encountered

**List out any issues that were encountered while working on the assignment. **

1. 

Resolutions

If any issues were solved, list out the resolutions for each problem.

• pid issue is caused when enabling the service as followed in the actual wazuh docs. It was altered in our SubDoc.

Further Questions

List out any questions that arose while working on the assignment.

N/A