Installing Uptycs osquery on Kubernetes

Installing Uptycs osquery on Kubernetes

Copy the your YAML manifest file (uptycs_osq_daemonset_<customer>.yaml) to the kubernetes client machine (a machine with the command: kubectl).

 

1. Create the daemon set using following command:

   kubectl create -f uptycs_osq_daemonset_<customer>.yaml 

 

2. Verify the osquery daemon set using following command:

   kubectl get ds

   Example output:

NAME             DESIRED   CURRENT   READY     UP-TO-DATE   AVAILABLE   NODE SELECTOR        AGE

uptycs-osquery   1         1         1         1            1           app=uptycs-osquery   1d

 

3. List the Kubernetes node information using following command:

    kubectl get nodes

    Example output:

NAME                                                                    STATUS    ROLES     AGE       VERSION

gke-standard-cluster-2-default-pool-3ee557eb-6gpg   Ready     <none>    1d        v1.11.6-gke.2

gke-standard-cluster-2-default-pool-3ee557eb-7l9r   Ready      <none>    1d        v1.11.6-gke.2

gke-standard-cluster-2-default-pool-3ee557eb-bktz   Ready     <none>     1d        v1.11.6-gke.2

 

4. Label each nodes with osquery app:

   kubectl label node <node name> app=uptycs-osquery

   

   Example commands:

    kubectl label node gke-standard-cluster-2-default-pool-3ee557eb-6gpg app=uptycs-osquery

    kubectl label node gke-standard-cluster-2-default-pool-3ee557eb-6gpg app=uptycs-osquery

    kubectl label node gke-standard-cluster-2-default-pool-3ee557eb-bktz app=uptycs-osquery

 

5. Verify the osquery pods with the command below:

   kubectl get pods

 

   Example output:

NAME                      READY     STATUS    RESTARTS   AGE

uptycs-osquery-7rvvb   1/1         Running      0                    1d

 

 

 

    • Related Articles

    • Installing Uptycs Protect using Jamf Pro

      Overview This document outlines the procedure on how to install the Uptycs Protect agent on macOS using Jamf. If you are already familiar with Jamf, please use the attached UptycsProtect.plist and UptycsProtect.mobileconfig files to setup Uptycs ...

    • Installing OSQuery using Jamf Pro

      Overview This document outlines the procedure on how to install the Uptycs osquery agent on macOS using Jamf. If you are already familiar with Jamf, please use the attached UptycsOsquery.plist and UptycsOsquery.mobileconfig files to setup Uptycs ...

    • Installing Uptycs Agent on MacOS using JAMF

      Overview This document outlines the procedure on how to install the Uptycs osquery agent on macOS using JAMF. Procedure  Installation Download the installer. Login to JAMF. You must have a JAMF Plus plan to be able to deploy custom macOS packages     ...

    • Installing osquery on MacOS Catalina if error "Apple cannot check it for malicious software"

      If the installation on MacOS Catalina fails with the error "osquery-v-xxxxx-Uptycs-darwin.pkg can't be opened because Apple cannot check it for malicious software" Then download the agent without flags & secret ...and install it.  Then download the ...

    • Operating System versions supported by Uptycs OSquery agent

      The article includes the list of operating system supported by Osquery  successfully in our labs. Legend: U- Ubuntu C- CentOS R - RHEL W - Windows M- MacOS D - Debian A- Amazon AMI Osquery version U 14 U 16 U 18 C 6 C 7 C 8 R 5 R 6 R 7  R 8 A 2 2018 ...