Distributed velociratpor
Opened this issue · 2 comments
Do you know if velociraptor supports distributed installs? For example the security onion manager runs on a segmented network with no access while a sensor runs with a leg into the server network which will facilitate the velociraptor communications.
As it stands, Velociraptor currently runs on the manager node. This means that it clients will need to be able to connect to the manager node. I'm not saying it's not technically possible, but it's not currently supported. I will look at adding a dedicated Velociraptor node as time allows.
Sounds good I can assist with this if there are docs or references you can provide regarding the addition of new nodes. Im familiar with a decent amount of the infrastructure and have been interested in adding something more substantial to get more familiar.