-
Notifications
You must be signed in to change notification settings - Fork 292
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature/osquery #8179
Feature/osquery #8179
Conversation
adds validation
alter syslog parser to event handler
use builtin function to perform http basic auth
use pf::config qw(%Config); | ||
use base 'pf::task'; | ||
use JSON; | ||
use HTTP::Tiny; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks to be a new lib, most of the time curl is used in the code.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've notice we are using LWP::UserAgent in many times,
also several occurance of "WWW::Curl::Easy"
since HTTP::Tiny is also built-in ones, shall we switch to LWP
or WWW::Curl::Easy
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove the need to prefix fleetdm payloads in the email templates with [% notes %], so that [% notes.policy.id %] becomes [% policy.id %], along with all the other variables.
Description
adds osquery support to PacketFence
Impacts
added new authentication method - http basic auth when handling fleetdm api calls.
added fleetdm roles by default
added fleetdm api handlers
added fleetdm event task processors
added new event types related to fleetdm policy / cve
added default isolation template for fleetdm policy / cve
Delete branch after merge
YES
Checklist