Portal 36010 / Osquery: Release Details

Welcome to Uptycs portal release 36010 and Osquery release, released Apr 05, 2019

New! Introducing Audit Rules for Linux

With this release, Uptycs introduces a powerful new feature that enables you to use osquery and Uptycs as a complete replacement for auditd. This feature enables you to capture any and every syscall event. You can administer it at the asset level, tag level, or asset-group level, and access the audit logs using the same convenient SQL queries you use for every other table.

The other key fixes and improvements are as follows:

Portal Release 36010

UI Enhancements

  • File Integrity Monitor (FIM) Configuration - The FIM Configuration UI has been enhanced to a grid layout with the ability to sort and filter entries based on all attributes of the FIM rule.
  • Alert Rule Configuration - Ability to add categories to each alert, so that custom categories can be provided at the alert level.
  • Alert Exceptions - The Alert Exception add/edit dialogs have been enhanced with a refreshed design.

Osquery release

  • Syscall support added on the Osquery side to support configuration and management of Audit rules from the portal.

Let us know if you have any questions or concerns.

Uptycs Support Team