osctrl Changelog

0.2.6

Git Commits

What's New

• Profile edit and password change for users by @javuto in https://github.com/jmpsec/osctrl/pull/133
• osquery 4.6.0 by @javuto in https://github.com/jmpsec/osctrl/pull/134
• Fix for updating existing osctrl by @javuto in https://github.com/jmpsec/osctrl/pull/135
• Dashboard with simple reporting for nodes by @javuto in https://github.com/jmpsec/osctrl/pull/136
• Show target for on-demand query results by @javuto in https://github.com/jmpsec/osctrl/pull/139
• Grab packs and schedule only if dashboard is enabled by @javuto in https://github.com/jmpsec/osctrl/pull/140
• TLS 1.2 and 1.3 by @javuto in https://github.com/jmpsec/osctrl/pull/141
• Using UUIDs for environments in URLs and references by @javuto in https://github.com/jmpsec/osctrl/pull/142
• Edit environment hostname from osctrl-admin by @javuto in https://github.com/jmpsec/osctrl/pull/143
• Save on-demand queries when created by @javuto in https://github.com/jmpsec/osctrl/pull/144
• osquery 4.7.0 by @javuto in https://github.com/jmpsec/osctrl/pull/149
• osquery 4.9.0 by @javuto in https://github.com/jmpsec/osctrl/pull/150
• Migration to new JWT library by @javuto in https://github.com/jmpsec/osctrl/pull/151
• Migration to new JWT library by @javuto in https://github.com/jmpsec/osctrl/pull/152
• Migration to new JWT library by @javuto in https://github.com/jmpsec/osctrl/pull/153
• Adding osquery 5.0.1 schema by @javuto in https://github.com/jmpsec/osctrl/pull/155
• Fix for osqueryd path in 5.0.1 by @javuto in https://github.com/jmpsec/osctrl/pull/156
• Added docker-compose, Dockerfiles, and configs by @bbornholm in https://github.com/jmpsec/osctrl/pull/154
• Cleaning up docker environment by @javuto in https://github.com/jmpsec/osctrl/pull/158
• Adding support for VMWare vagrant provider by @javuto in https://github.com/jmpsec/osctrl/pull/159
• Makefile commands for docker logs by @javuto in https://github.com/jmpsec/osctrl/pull/160
• Commit initial CI/CD pipeline by @CptOfEvilMinions in https://github.com/jmpsec/osctrl/pull/162
• CI/CD pipeline for Dockerhub by @CptOfEvilMinions in https://github.com/jmpsec/osctrl/pull/163
• Fix for file carving bug by @javuto in https://github.com/jmpsec/osctrl/pull/164
• Changed branch name to main by @CptOfEvilMinions in https://github.com/jmpsec/osctrl/pull/165
• Updated CI/CD to include CHANGELOG.md and created template CHANGELOG.md by @CptOfEvilMinions in https://github.com/jmpsec/osctrl/pull/166
• Changed Dockerhub tag path from user to org by @CptOfEvilMinions in https://github.com/jmpsec/osctrl/pull/167
• Changed Dockerhub tag path from user to org by @CptOfEvilMinions in https://github.com/jmpsec/osctrl/pull/168
• Changed Dockerhub tag path from org to user - switcharoo by @CptOfEvilMinions in https://github.com/jmpsec/osctrl/pull/169

New Contributors

• @bbornholm made their first contribution in https://github.com/jmpsec/osctrl/pull/154
• @CptOfEvilMinions made their first contribution in https://github.com/jmpsec/osctrl/pull/162

Full Changelog: https://github.com/jmpsec/osctrl/compare/0.2.5...v0.2.6

Changes

• Fix for #109 : An unprivileged user could see all environment names in the left panel of osctrl-admin - #117
• Detect git changes when upgrading using provision.sh - #118
• Split osquery configuration into parts - #122
• Fix for upgrading existing osctrl using rsync to keep templates and static files updated - #123
• Add query packs from osctrl-cli and other osquery configuration operations - #126
• Fix for #79 and #109 : Default environment per user can be selected on user creation - #130

Changes

• Fix for #94 : Avoid using InsecureSkipVerify when sending requests to HTTPS - #95
• Adding OpenAPI 3.01 YAML file for he documentation of osctrl-api - #96
• Adding BTC and ETH wallets for donations - #97
• Fix for #93 : Potential DOM XSS in environment name - #105
• Implementation of #104 : Display enrollment time for nodes in table - #106
• Support for Ubuntu 20.04 LTS using provision.sh - #107
• Build support for go 1.15.6 - #108
• Provide IP address as ENV variables for Vagrantfile - #110
• Fix for provision using own certificate - #111
• Upgrade in pkg goxmldsig due to CVEs - #112
• Upgrade in pkg saml due to CVEs - #113
• Refactor needed after saml pkg upgrade and go 1.15 support - #114
• Enroll one-liners can use proper certificates - #115

Changes

• Fix for #71: Quick enroll using osctrl-admin - #72
• Fix for #71: Docker quick enroll - #73
• Implementation of #69: Ability to tag nodes - #74
• Support for osquery 4.4.0 - #80
• Fix for #82: UUIDs bug when receiving logs - #83
• Change license from GPLv3 to MIT - #84
• Upgrade to Grafana 6.7.4 - #85
• Support for osquery 4.5.1 - #91

Changes

• Refactor for TLS handlers that will allow easier unit testing - #54
• Refactor in osctrl-admin to use handlers from its own module - #59
• Fix for prod provisioning and better structure of provision.sh - #60
• Fix for #58 when logs won't display unless you let the page refresh - #61
• Refresh flags when update an environment using osctrl-cli - #62
• Fix for #55 to display a message when a change was done with osctrl-cli - #63
• Ability to upgrade osctrl deployment using provision.sh - #64
• Implementing #65 and #26 to allow multi-loggers in osctrl-tls - #66
• Limit local status, result and query logs - #68
• Fix for #67 to fix the docker deployment using dockerize.sh - #70

Changes

• Fix for local query logs and better metrics - #44
• Refactor http responses all across services - #46
• Users are editable from the users view in osctrl-admin - #47
• Fixed bug (#29) with select and not respecting filter - #48
• Platform view of nodes only available for admins - #49
• Mixed changes mostly in osctrl-admin - #50
• Adding tests for utils package - #51
• RBAC permissions for users in osctrl-admin and indirectly osctrl-api - #52
• Permissions in templates and refactor for better checks - #53

Changes

• Fixed Graylog plugin not sending result- #25 by @kosborn
• Adding osctrl-api component - #28
• Log distributed queries results locally - #30
• Hidding API queries - #31
• Bugfix: Invalid logging method for api, default to none - #34
• Refactor: to use struct for html layout pages - #35 by @friedbutter
• Productionalize osctrl-api - #36
• No more plugins - #37
• Using custom User Agent for HTTP requests - #39
• Make services wait for backend - #40
• Preparing for osquery 4.2.0 - #41
• Compile osctrl statically - #42
• Fix for local logs and better metrics - #44
• Support for osquery 4.2.0 - #45

Changes

• Implementation by @obelisk of the header authentication method, quite useful in deployments where there is a transparent proxy or middleware that abstracts auth by adding headers to HTTP traffic - #16
• Fix for #9 where some directories were not created (certs and config) and the docker deployment was failing - #20
• Show the service version in osctrl-admin UI - #22
• Fix for #17 reported by @kosborn and when using the graylog logging option, the grouping of messages was making Graylog to not process the messages correctly - #23
• Added a tool to test logging using HTTP requests (graylog, splunk...), that implementes a basic HTTP catch-all - #23
• Adding tool to cut a release using the API, so it will show in latest releases - #24

Changes

• Code to make possible having users in osctrl-admin that only see information, but can not take any actions such as run queries, run carves, delete nodes, change settings, change environments, modify users, change configuration, change intervals or modify enrolling links or certificates - #12
• Better metrics around JSON distribution endpoints - #12
• When visiting a node, the environment collapsible stays open - #12
• Adding email to user record - #14
• Ability to add the email from the user creation modal - #14
• Ability to add/edit the email from osctrl-cli - #14
• Adding loginurl field in the saml.json configuration, to provide the login URL to redirect to, if the session is expired or there is an error parsing the JWT token - #15
• Make login logo image a bit smaller - #15

Changes

• Fix for metrics, to avoid a crash when metrics is enabled but the metrics.json isn't in place nor the configuration loaded (or correct) - #10
• SAML authentication creates user sessions and extract data from the JWT token - #10
• On-demand queries by host was not working properly and it was not added as target - #10
• Queries and carves details now show the targets and improvements to style - #10
• Cleanup code for SAML and metrics - #10
• Adding support for newly released osquery 4.0.2 - #11
• Splunk logging can now include links to status, results and on-demands logs - #11
• Adding icons for archlinux platform - #11
• Display expected / executed / errors in on-demand queries table - #11
• Display expected / executed / errors in carves table - #11