Fast and efficient osquery management.
osctrl is a fast and efficient osquery management solution, implementing its remote API as TLS endpoint.
With osctrl you can monitor all your systems running osquery, distribute its configuration fast, collect all the status and result logs and allow you to run on-demand queries.
Warning
osctrl is a fast evolving project, and while it is already being used in production environments, it is still under active development. Please make sure to read the documentation and understand its current state before deploying it in a critical environment.
You can use docker to run osctrl and all the components are defined in the docker-compose-dev.yml that ties all the components together, to serve a functional deployment.
Ultimately you can just execute make docker_dev and it will automagically build and run osctrl locally in docker, for development purposes.
You can find the documentation of the project in https://osctrl.net
Find us in the #osctrl channel in the official osquery Slack community (Request an auto-invite!)
osctrl is licensed under the MIT License.
Feel free to fork the repository and submit pull requests. For major changes, please open an issue first to discuss what you would like to change.
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
![@github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=64&v=4){kind=small}
