Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Justin Kwon
    @yskwon0830_twitter
    hello, I'm looking for a way to change a GRR's locale and time. Do you have any hints? It is as JST(in Tokyo). (sorry if this is not the right place for this question)
    gcddym
    @gcddym
    This message was deleted
    Carl Henrik Lunde
    @chlunde
    How many concurrently open files should I expect on a data server? I'm seeing ~700 now, it looks like systemd defaults to 1024 as I limit and at some point I've reached that. Ref. google/grr#395
    I'm wondering if there's a third issue with my setup, that I should not be close to 1024 anyway with just a handfull clients for testing. Now (with 700 files open on two data nodes) I have 700 files/sockets open.
    Carl Henrik Lunde
    @chlunde
    https://github.com/google/grr-doc/blob/master/docker.adoc uses 1048576 :)
    So for systemd, LimitNOFILE=1048576
    Greg Castle
    @destijl
    @chlunde yes, set it big if you're using the sqlite datastore
    @yskwon0830_twitter we use UTC everywhere, you should set the server to UTC. Supporting anything else is complicated, error prone, and a waste of time for us (there is no timezone we could pick that would make any sense).
    @yskwon0830_twitter also, users mailing list will probably get you a faster reply next time
    lorz
    @lorz
    hi there
    lorz
    @lorz
    anybody online?
    i'd need some help with my first flow. I've made a dummy py file, added to the registry_init file but now the server just doesn't start
    lorz
    @lorz
    I probably screw it but don't know where or what. I made my test directly into the path -> /usr/share/grr-server/lib/python2.7/site-packages/grr/lib/flows/general
    lorz
    @lorz
    k, going to post at github forum
    Greg Castle
    @destijl
    hey, yeah, stick it in an email with the backtrace of what happened when the server wouldn't start
    Joshua Trombley
    @jtrombley90_twitter
    Could anyone tell me if you can configure grr to run commands like taskkill and such ad hoc?
    Greg Castle
    @destijl
    You can run it via python: https://github.com/google/grr-doc/blob/master/admin.adoc#deploying-arbitrary-python-code
    There's also some whitelisted commands, but these are baked into the client at build time and can't be changed later:
    https://github.com/google/grr/blob/2a96c8ad48d587bc1a69934ff7594fbec2e908fe/grr/client/client_utils_common.py#L121
    @jtrombley90_twitter
    Joshua Trombley
    @jtrombley90_twitter
    Thanks so much! Wasn't able to find anything. Exactly what I was looking for.
    Any info on that elastic search plugin that was in progress? Unable to find that too.
    Greg Castle
    @destijl
    @jtrombley90_twitter here's the tracking bug, I haven't heard anything recently, you could ping that and ask: google/grr#374
    dasdcs1
    @dasdcs1
    This message was deleted
    kefkii
    @kefkii
    having a hard time finding any set limits, i'm sure its going to vary depending on hardware resources, but what is the theoretical limits for number of grr clients per grr server
    gautamaggarwal1989
    @gautamaggarwal1989
    Can we contribute to code or documentation?
    Andreas Moser
    @grrrrrrrrr
    @kefkii have a look at https://github.com/google/grr-doc/blob/master/faq.adoc#what-hardware-do-i-need-to-run-grr
    @gautamaggarwal1989 contributions to both code and docs are appreciated of course!
    Greg Castle
    @destijl
    Livestream is up and running, watch here: https://www.youtube.com/watch?v=SIvf7-Lzp2M
    Hilko Bengen
    @hillu
    I am looking forward to Golang-based GRR client. Where's the code?
    Greg Castle
    @destijl
    @hillu coming, will be in the same repo
    we have only just started so not much to share yet
    mlakomy
    @miloszlakomy
    Great to hear you're looking forward to it. :) It's still experimental right now, we'll likely push it to the regular GRR github repo in a while: github.com/google/grr
    Hilko Bengen
    @hillu
    And the idea of standalone packages around Fleetspeak definitely sounds interesting.
    mlakomy
    @miloszlakomy
    Definitely. It's always cleaner to separate big projects like ours into separate components. We also look forward to it
    Hilko Bengen
    @hillu
    Looks like I will get to port an endpoint IOC scanner to it.
    Andreas Moser
    @grrrrrrrrr
    nginx for HA?
    hj0x3
    @hj0x3
    Still foresee supporting use of the SQLite+HTTPDatastore?
    bobbypistol
    @bobbypistol
    When will the API client lib be released?
    Keith Tyler
    @keithtyler
    Any idea when spanner support will be added?
    hj0x3
    @hj0x3
    Ok great, thanks!
    Greg Castle
    @destijl
    @bobbypistol https://github.com/google/grr/blob/master/api_client/python/README.md
    bobbypistol
    @bobbypistol
    yeah i found it thkx :)
    Hilko Bengen
    @hillu
    are you aware of anyone working on API client libs for other languages?
    Andreas Moser
    @grrrrrrrrr
    yes, laetita our intern (for Go)
    Hilko Bengen
    @hillu
    will that code also be added to the grr repository?
    Andreas Moser
    @grrrrrrrrr
    yeah totally, expect code in ~1 month
    presentation from today: https://drive.google.com/file/d/0Bzniab0ILSg6RkdyUGZYOGtuX1U/view?usp=sharing
    Keith Tyler
    @keithtyler
    thanks for the info today GRR folks, keep up the awesome work!
    Hilko Bengen
    @hillu
    Not sure if I missed that -- what's the expected timeframe for the fleetspeak feature? Will that be part of the next stable release?