Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature/osquery #8179

Merged
merged 33 commits into from
Jul 9, 2024
Merged

Feature/osquery #8179

merged 33 commits into from
Jul 9, 2024

Conversation

stgmsa
Copy link
Contributor

@stgmsa stgmsa commented Jun 12, 2024

Description

adds osquery support to PacketFence

Impacts

added new authentication method - http basic auth when handling fleetdm api calls.
added fleetdm roles by default
added fleetdm api handlers
added fleetdm event task processors
added new event types related to fleetdm policy / cve
added default isolation template for fleetdm policy / cve

Delete branch after merge

YES

Checklist

  • [yes] Document the feature
  • Add OpenAPI specification
  • Add unit tests
  • Add acceptance tests (TestLink)

@stgmsa stgmsa marked this pull request as ready for review June 19, 2024 16:37
@satkunas satkunas requested a review from abprasa July 2, 2024 15:57
@satkunas satkunas added this to the PacketFence-14.0 milestone Jul 2, 2024
docs/PacketFence_Upgrade_Guide.asciidoc Outdated Show resolved Hide resolved
docs/images/fleetdm-webhook-policy.jpg Outdated Show resolved Hide resolved
docs/installation/provisioner/fleetdm.asciidoc Outdated Show resolved Hide resolved
go/caddy/fleetdm/fleetdm.go Outdated Show resolved Hide resolved
use pf::config qw(%Config);
use base 'pf::task';
use JSON;
use HTTP::Tiny;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks to be a new lib, most of the time curl is used in the code.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've notice we are using LWP::UserAgent in many times,
also several occurance of "WWW::Curl::Easy"

since HTTP::Tiny is also built-in ones, shall we switch to LWP or WWW::Curl::Easy ?

conf/chi.conf.defaults Show resolved Hide resolved
Copy link
Contributor

@satkunas satkunas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove the need to prefix fleetdm payloads in the email templates with [% notes %], so that [% notes.policy.id %] becomes [% policy.id %], along with all the other variables.

@stgmsa stgmsa requested review from satkunas and fdurand July 9, 2024 11:53
@satkunas satkunas merged commit 67c6e9a into devel Jul 9, 2024
13 checks passed
@stgmsa stgmsa deleted the feature/osquery branch November 13, 2024 21:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants