Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Andreas Moser
    @grrrrrrrrr
    @gautamaggarwal1989 contributions to both code and docs are appreciated of course!
    Greg Castle
    @destijl
    Livestream is up and running, watch here: https://www.youtube.com/watch?v=SIvf7-Lzp2M
    Hilko Bengen
    @hillu
    I am looking forward to Golang-based GRR client. Where's the code?
    Greg Castle
    @destijl
    @hillu coming, will be in the same repo
    we have only just started so not much to share yet
    mlakomy
    @miloszlakomy
    Great to hear you're looking forward to it. :) It's still experimental right now, we'll likely push it to the regular GRR github repo in a while: github.com/google/grr
    Hilko Bengen
    @hillu
    And the idea of standalone packages around Fleetspeak definitely sounds interesting.
    mlakomy
    @miloszlakomy
    Definitely. It's always cleaner to separate big projects like ours into separate components. We also look forward to it
    Hilko Bengen
    @hillu
    Looks like I will get to port an endpoint IOC scanner to it.
    Andreas Moser
    @grrrrrrrrr
    nginx for HA?
    hj0x3
    @hj0x3
    Still foresee supporting use of the SQLite+HTTPDatastore?
    bobbypistol
    @bobbypistol
    When will the API client lib be released?
    Keith Tyler
    @keithtyler
    Any idea when spanner support will be added?
    hj0x3
    @hj0x3
    Ok great, thanks!
    bobbypistol
    @bobbypistol
    yeah i found it thkx :)
    Hilko Bengen
    @hillu
    are you aware of anyone working on API client libs for other languages?
    Andreas Moser
    @grrrrrrrrr
    yes, laetita our intern (for Go)
    Hilko Bengen
    @hillu
    will that code also be added to the grr repository?
    Andreas Moser
    @grrrrrrrrr
    yeah totally, expect code in ~1 month
    Keith Tyler
    @keithtyler
    thanks for the info today GRR folks, keep up the awesome work!
    Hilko Bengen
    @hillu
    Not sure if I missed that -- what's the expected timeframe for the fleetspeak feature? Will that be part of the next stable release?
    Andreas Moser
    @grrrrrrrrr
    we are not sure yet. we have a Linux POC almost done, once we can test it we will see how much effort porting the rest (windows!, mac) is
    Kishan Bhashyam
    @kishanbhashyam

    I am aware of the below:

    In [1]: aff4.FACTORY.Delete(rdf_client.ClientURN('C.28fd23102959d17f')) ◄ ----- (C.28fd23102959d17f is the client ID)

    What is the best way to delete multiple clients? (say 50 or so).. Can i do something along the lines of:
    In [1]: aff4.FACTORY.Delete(rdf_client.ClientURN('C.28fd23102959d17f,C.456fd2456562959d17f,C.34fd231023459d17f'))
    Thanks in advance.
    Kishan.

    ric026
    @ric026
    Hapus
    DaivikDave
    @DaivikDave
    I just installed ubuntu along with windows . Everything works fine except internet is not working in ubuntu .can someone help me?
    Phalanx Security
    @PhalanxSecurity
    Has anyone run into an issue with the new install where the csv output plugin is missing?
    Keith Tyler
    @keithtyler
    Phalanx Security
    @PhalanxSecurity
    Awesome. Ok thanks. Sorry about the silly question. Wasn't able to find that on google
    What about a way have hunts export to an elk server? I found that someone was using logstashnans the csv output. Any other methods available?
    Andreas Moser
    @grrrrrrrrr
    sorry we realized we have no sound
    Keith Tyler
    @keithtyler
    if it helps, i heard audio in the beginning
    Andreas Moser
    @grrrrrrrrr
    yeah but then the usb disconnected and screwed up the machine :)
    Hilko Bengen
    @hillu
    I always assumed that using HTTP + the GRR-specific protocol instead of HTTPS for client/server communication was about avoiding trouble with middle-boxes that MITM TLS connections. (Was that not the main design choice there?) Why are you switching away from that model for fleetspeak?
    Keith Tyler
    @keithtyler
    With ~30K the mysql backend doesn't seem to work for enterprise hunts, are you planning on making this a bit more scalable?
    Hilko Bengen
    @hillu
    will there be a tool for migrating the existing data to the new DS?
    Keith Tyler
    @keithtyler
    memory imaging is pretty useful, any possibility of keeping in that functionality ?
    Hilko Bengen
    @hillu
    keeping rekall around would probably need somebody who wants to take care of it.
    (somebody outside Google?)
    (Is Michael Cohen no longer working on Rekall?)
    or on pmem for that matter?
    thank you, that was the information I was looking for.
    briareosiso
    @briareosiso
    Hey all, i have a question for the authentication with GRR
    can i use LDAP ?
    Hilko Bengen
    @hillu
    not out of the box. You'd have to add your own webauth manager. See "Authentication to the Admin UI" in the documentation.
    Shion
    @ShionAt
    I shamelessly show ShionKeys to everyone
    https://vimeo.com/250953988
    gohelravi99
    @gohelravi99
    Installed grr properly in windows system, but how to run?