Aurora

Name	Size	Permissions	Actions
..	-	-	-

{
  // Configure the daemon below:
  "options": {

// The log directory stores info, warning, and errors.
    // If the daemon uses the 'filesystem' logging retriever then the log_dir
    // will also contain the query results.
    //"logger_path": "/var/log/osquery",

// Set 'disable_logging' to true to prevent writing any info, warning, error
    // logs. If a logging plugin is selected it will still write query results.
    //"disable_logging": "false",

// Splay the scheduled interval for queries.
    // This is very helpful to prevent system performance impact when scheduling
    // large numbers of queries that run a smaller or similar intervals.
    //"schedule_splay_percent": "10",
  },

// Define a schedule of queries:
  "schedule": {
    // This is a simple example query that outputs basic system information.
    "system_info": {
      // The exact query to run.
      "query": "SELECT hostname, cpu_brand, physical_memory FROM system_info;",
      // The interval in seconds to run this query, not an exact interval.
      "interval": 3600
    }
  },

// Decorators are normal queries that append data to every query.
  "decorators": {
    "load": [
      "SELECT uuid AS host_uuid FROM system_info;",
      "SELECT user AS username FROM logged_in_users ORDER BY time DESC LIMIT 1;"
    ]
  },

// Add default osquery packs or install your own.
  //
  // There are several 'default' packs installed via
  // packages and/or Homebrew.
  //
  // Linux:        /opt/osquery/share/osquery/packs
  // OS X:         /var/osquery/packs
  // Homebrew:     /usr/local/share/osquery/packs
  // make install: {PREFIX}/share/osquery/packs
  //
  "packs": {
    // "osquery-monitoring": "/opt/osquery/share/osquery/packs/osquery-monitoring.conf",
    // "incident-response": "/opt/osquery/share/osquery/packs/incident-response.conf",
    // "it-compliance": "/opt/osquery/share/osquery/packs/it-compliance.conf",
    // "osx-attacks": "/var/osquery/packs/osx-attacks.conf",
    // "vuln-management": "/opt/osquery/share/osquery/packs/vuln-management.conf",
    // "hardware-monitoring": "/opt/osquery/share/osquery/packs/hardware-monitoring.conf",
    // "ossec-rootkit": "/opt/osquery/share/osquery/packs/ossec-rootkit.conf",
    // "windows-hardening": "C:\\Program Files\\osquery\\packs\\windows-hardening.conf",
    // "windows-attacks": "C:\\Program Files\\osquery\\packs\\windows-attacks.conf"
  },

// Provides feature vectors for osquery to leverage in simple statistical 
  // analysis of results data. 
  //
  // Currently this configuration is only used by Windows in the Powershell
  // Events table, wherein character_frequencies is a list of doubles 
  // representing the aggregate occurrence of character values in Powershell 
  // Scripts. A default configuration is provided which was adapated from 
  // Lee Holmes cobbr project: 
  // https://gist.github.com/cobbr/acbe5cc7a186726d4e309070187beee6
  // 
  "feature_vectors": {
    "character_frequencies": [
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.00045,  0.01798,
      0.0,      0.03111,  0.00063,  0.00027,   0.0,      0.01336,  0.0133,
      0.00128,  0.0027,   0.00655,  0.01932,   0.01917,  0.00432,  0.0045,
      0.00316,  0.00245,  0.00133,  0.001029,  0.00114,  0.000869, 0.00067,
      0.000759, 0.00061,  0.00483,  0.0023,    0.00185,  0.01342,  0.00196,
      0.00035,  0.00092,  0.027875, 0.007465,  0.016265, 0.013995, 0.0490895,
      0.00848,  0.00771,  0.00737,  0.025615,  0.001725, 0.002265, 0.017875,
      0.016005, 0.02533,  0.025295, 0.014375,  0.00109,  0.02732,  0.02658,
      0.037355, 0.011575, 0.00451,  0.005865,  0.003255, 0.005965, 0.00077,
      0.00621,  0.00222,  0.0062,   0.0,       0.00538,  0.00122,  0.027875,
      0.007465, 0.016265, 0.013995, 0.0490895, 0.00848,  0.00771,  0.00737,
      0.025615, 0.001725, 0.002265, 0.017875,  0.016005, 0.02533,  0.025295,
      0.014375, 0.00109,  0.02732,  0.02658,   0.037355, 0.011575, 0.00451,
      0.005865, 0.003255, 0.005965, 0.00077,   0.00771,  0.002379, 0.00766,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0,      0.0,       0.0,      0.0,      0.0,
      0.0,      0.0,      0.0
    ]
  }    
}

Deprecated: version_compare(): Passing null to parameter #1 ($version1) of type string is deprecated in /home3/homscoke/public_html/wp-includes/load.php on line 159

Warning: require(/home3/homscoke/public_html/wp-includes/html-api/class-wp-html-doctype-info.php): Failed to open stream: No such file or directory in /home3/homscoke/public_html/wp-settings.php on line 258

Warning: require(/home3/homscoke/public_html/wp-includes/html-api/class-wp-html-doctype-info.php): Failed to open stream: No such file or directory in /home3/homscoke/public_html/wp-settings.php on line 258

Fatal error: Uncaught Error: Failed opening required '/home3/homscoke/public_html/wp-includes/html-api/class-wp-html-doctype-info.php' (include_path='.:/opt/cpanel/ea-php83/root/usr/share/pear') in /home3/homscoke/public_html/wp-settings.php:258 Stack trace: #0 /home3/homscoke/public_html/wp-config.php(102): require_once() #1 /home3/homscoke/public_html/wp-load.php(50): require_once('/home3/homscoke...') #2 /home3/homscoke/public_html/wp-blog-header.php(13): require_once('/home3/homscoke...') #3 /home3/homscoke/public_html/index.php(20): require('/home3/homscoke...') #4 {main} thrown in /home3/homscoke/public_html/wp-settings.php on line 258

Upload File

New Folder

New File

Add WordPress Admin

cPanel Password Reset

Edit: osquery.example.conf