Manual osquery release process
These are some notes about the manual osquery release process (circa 2019-12).
While our goal is to replace this with CI/CD, this is how it works today.
References:
// Creates an app with a systray menu
// Still not quite right
package main
import (
	fyne "fyne.io/fyne/v2"
	"fyne.io/fyne/v2/app"
	"fyne.io/fyne/v2/canvas"
	"fyne.io/fyne/v2/container"
<!-- This is my imagemagick policy.xml file. It's a collection of various
recommendations cargo culted from around the internet to block various
exploits. It is effective in stopping CVE-2021-3781 (https://twitter.com/ducnt_/status/1434534373416574983
and https://github.com/duc-nt/RCE-0-day-for-GhostScript-9.50) -->
<policymap>
  <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/>
  <policy domain="coder" rights="none" pattern="EPHEMERAL" />
  <policy domain="coder" rights="none" pattern="EPI" />
  <policy domain="coder" rights="none" pattern="EPS" />
  <policy domain="coder" rights="none" pattern="MSL" />
// Some snippets of how I'm currently doing subcommands.
package main
import "context"
// subCommand describes one subcommand: its name, handler and help text.
type subCommand struct {
	Name        string
	Command     func(context.Context, []string) error
	Description string
}
#include <stdlib.h>
#include <iostream>
#include <boost/regex.hpp>
#include <boost/algorithm/string/regex.hpp>
int main() {
  // Works
  {
require 'json'
class HashFormatter
  # Returns the parsed JSON, or nil when the string is not valid JSON.
  def parse_json(string)
    JSON.parse(string)
  rescue
    nil
  end
  def call(severity, timestamp, progname, msg)
    base_struct = {
      severity: severity,
#!/usr/bin/perl
# We'd like to have a sanitized/elided copy of the database suitable
# for letting various people run reporting against. Thus, we need to
# strip out sensitive or noisy data.
#
# One "obvious" way to do that is with a table by table
# pg_dump. Unfortunately, that ends up omitting the non-table data (like
# views) which we do need. Thus, we have this awkward script.
#
require 'csv'
CSV::Converters[:num2] = lambda do |num|
  puts "Converter called with #{num}"
  return num unless num.is_a?(Numeric)
  sprintf('%.2f', num)
end
CSV.instance($stdout,
  { headers: [:name, :val], write_headers: true,
I wrote this in February 2014, as a note to a friend, about solar. Though the market has changed, it might be useful to you.
My partner and I bought a house a couple years ago, and our roof is pretty ideal for solar. This fall, we spent a while trying to understand the options, and we completed our installation in December. How programs work varies by state and year.