osquery input plugin
Add this line to your application's Gemfile:
gem 'fluent-plugin-osquery'
And then execute:
$ bundle
Or install it yourself as:
$ gem install fluent-plugin-osquery
Create home directory: (It could be unnecessary)
$ sudo mkdir -p /home/td-agent/.osquery
$ sudo chown td-agent /home/td-agent/.osquery
<source>
type osquery
tag osquery
interval 60
query select * from processes
</source>
- Fork it
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Create new Pull Request
Copyright (c) 2015 Hidenori Suzuki. See LICENSE for details.