Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add osquery_version to all logs #1840

Closed
RebeccaMahany opened this issue Aug 19, 2024 · 0 comments · Fixed by #1893
Closed

Add osquery_version to all logs #1840

RebeccaMahany opened this issue Aug 19, 2024 · 0 comments · Fixed by #1893
Labels
features-improvements Features and Improvements good-first-issue

Comments

@RebeccaMahany
Copy link
Contributor

We are finding that it would be useful to include the osquery version in logs, the same way that we do for launcher_version.

This issue has two parts.

First, we should make the osquery version available in the knapsack. Similar to the InModernStandby flag, this flag should not be set by the command-line options -- it should only be set by launcher itself. We should have the osquery runner check the version and set it, after starting up the osquery instance. This will allow us to set the version correctly a) on launcher startup and b) on osquery autoupdate, when the osquery instance is restarted. There is an example for performing a version check here during launcher startup.

Second, we should include this version, when available, when shipping logs. The relevant logshipping code is here.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
features-improvements Features and Improvements good-first-issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Log osquery version cesarfda/launcher
1 participant
@RebeccaMahany