Setup

OSquery host configs

• OSquery config for Windows
• OSquery config for Linux
• OSquery config for macOS

Option 1 - Community

Install/Setup OSquery on Windows

Install/Setup OSquery on Linux

Install/Setup OSquery on macOS

Option 2 - Paranoid

Install/Setup OSquery on Windows

A Powershell script has been provided to download/install OSquery and then pull down OSquery configs for Windows. This script accepts several command line arguments such as: osquery_version, osquery_flag_url, osquery_conf_url.

1. Open Powershell as Administrator
2. Invoke-Webrequest https://raw.githubusercontent.com/CptOfEvilMinions/QueryLab/master/osquery_configs/Windows/setup.ps1 -OutFile setup.ps1
3. .\setup.ps1
   1. Set-ExecutionPolicy Unrestricted
   2. 

Install/Setup OSquery on Linux

A BASH script has been provided to download/install OSquery and then pull down OSquery configs for Linux. This script accepts several command line arugments such as: osquery_version, osquery_flag_url, osquery_conf_url.

1. Open a terminal as Administrator
2. wget https://raw.githubusercontent.com/CptOfEvilMinions/QueryLab/master/osquery_configs/Linux/setup.sh
3. ./setup.sh
   1. 

Supported OSes

• Ubuntu Server 18.04 64-bit
• CentOS 7 64-bit

Install/Setup OSquery on macOS

A BASH script has been provided to download/install OSquery and then pull down OSquery configs for macOS.

1. Open a terminal as Administrator
2. curl https://raw.githubusercontent.com/CptOfEvilMinions/QueryLab/master/osquery_configs/macOS/setup.sh --output setup.sh
3. chmod +x setup.sh
4. ./setup.sh
   1. 

Supported OSes

• macOS Mojave 10.14.3

Resources/Sources