v0.1.9

Changes

• Implementation by @obelisk of the header authentication method, quite useful in deployments where there is a transparent proxy or middleware that abstracts auth by adding headers to HTTP traffic - #16
• Fix for #9 where some directories were not created (certs and config) and the docker deployment was failing - #20
• Show the service version in osctrl-admin UI - #22
• Fix for #17 reported by @kosborn and when using the graylog logging option, the grouping of messages was making Graylog to not process the messages correctly - #23
• Added a tool to test logging using HTTP requests (graylog, splunk...), that implementes a basic HTTP catch-all - #23
• Adding tool to cut a release using the API, so it will show in latest releases - #24

v0.1.8

Changes

• Code to make possible having users in osctrl-admin that only see information, but can not take any actions such as run queries, run carves, delete nodes, change settings, change environments, modify users, change configuration, change intervals or modify enrolling links or certificates - #12
• Better metrics around JSON distribution endpoints - #12
• When visiting a node, the environment collapsible stays open - #12
• Adding email to user record - #14
• Ability to add the email from the user creation modal - #14
• Ability to add/edit the email from osctrl-cli - #14
• Adding loginurl field in the saml.json configuration, to provide the login URL to redirect to, if the session is expired or there is an error parsing the JWT token - #15
• Make login logo image a bit smaller - #15

v0.1.7

Changes

• Fix for metrics, to avoid a crash when metrics is enabled but the metrics.json isn't in place nor the configuration loaded (or correct) - #10
• SAML authentication creates user sessions and extract data from the JWT token - #10
• On-demand queries by host was not working properly and it was not added as target - #10
• Queries and carves details now show the targets and improvements to style - #10
• Cleanup code for SAML and metrics - #10
• Adding support for newly released osquery 4.0.2 - #11
• Splunk logging can now include links to status, results and on-demands logs - #11
• Adding icons for archlinux platform - #11
• Display expected / executed / errors in on-demand queries table - #11
• Display expected / executed / errors in carves table - #11

v0.1.5

Changes

• Adding parameters to binaries (osctrl-tls and osctrl-admin) to use different service configuration files or backend configuration.
• Backend JSON file includes DB performance values.
• Fixed bug (#1) where selecting all platforms/environments was not adding any targets to on-demand queries or file carves.
• Showing IP address and version of osquery in the list of nodes for osctrl-cli.

0.1.4

Changes

• Display secret, flags and certificate in enroll nodes section to be used manually.
• Flags are generated when creating an environment. Also added functionality to display them using osctrl-cli.
• Display enrolling metadata, as indented JSON, for each node.

0.1.6

Changes

• First contribution! Thanks @ryandeivert 😃
  • Tweaking the interface for carves and simplifying logic a bit (#3).
• Fix in osctrl-admin where using auth = none was making the service to crash with a panic (#5).
• Environment certificate can be uploaded from admin, health check for services and other small changes (#6).
• Better code for logging plugins. Added debug messages, fixed bugs and display expected executions for on-demand queries (#7 and #8).