In gif form, it is this:
In word form, it is...
- A C++ application that you deploy to each of your servers that wraps cfacter and osquery in websockets
- A nodejs web application that you deploy on one server, that allows you to query each of the aforementioned servers for osquery/facter information via websockets.
Eventually, I'd like to turn this into a lightweight inventory management for a fleet of servers (e.g. are any of my servers running vulnerable versions of openssl?).
I've helpfully provided a vagrant box and a script to get everything up and running, no compiling or interaction needed!
Simply check out this repo, vagrant up
, vagrant ssh
, and you're ready to go!
It uses the deb for dashiell up on bintray. So you can use that manually, too, if you want.
- To run it, open a couple terminals and
vagrant ssh
into the box in both!- Server:
- cd /vagrant/server
- npm install && node index.js
- You won't see any output to indicate that the server is running
- Client:
dashiell
- The server will say "registered server" and the client "waiting for queries"
- Then try it out!
- Then browse to
http://192.168.56.20:8080
- Click the "Run Query" button and watch results come back
- Then browse to
- Server:
And that's all there is to it. Hopefully there will be less to it in the future (you know, packages and stuff) and it will just be an apt-get away. But we aren't there yet. Sorry.
Anyway, with this configuration, you can easily work on the JS and HTML without having to worry about having all kinds of C++ stuff hanging around that you don't want.
If you find you need to change the C++ application for your work (or you just want to mess with it),
you can follow the directions in the following section. I hope to get those to be less insane
(or at least scripted) soon. But, again, cmake
is not my thing. At all.
See COMPILING.md in the root of this repo. I moved it out to the readme so I wasn't scaring anyone off who thought it was part of the no-compile instructions. I hope to have them less insane soon, anyway
See CONTRIBUTING.md in the root of this repo. Mostly I just need help with "everything", though.
You know, like Dashiell Hammet. Because it will help you investigate your servers. And also because it looks and sounds a little bit like "da shell." Get it?
Well...it's still early, I guess I could change the name.