Invalid pack schema

Question

Invalid pack schema

zwass opened this issue 6 years ago · 2 comments

Thanks for the cool work here! I noticed that the schema for this pack is incorrect: https://github.com/teoseller/osquery-attck/blob/master/network_connection_listening.conf#L32. Maybe that description is supposed to be included with one of the queries?

Answer 1 · 2018-11-16T08:24:57.000Z

Hi Zach good morning, thank for the message
I try do give you an explanation about the "description" section
with the description i would like to show all the mitre techniques within the query pack, just to have all the techniques listed in one row
In all the query pack there is a description row.
do you have an error when you try to use the query pack ?

Answer 2 · 2018-11-20T08:41:23.000Z

changed the pack schema thanks to zwass.