Add --yara_sigurl_authenticate flag by zwass · Pull Request #8437 · osquery/osquery
added 2 commits
October 8, 2024 12:02
This allows osquery users to host their yara rules behind an authenticated endpoint. Allow authentication for yara sigurl requests by enabling this flag. When enabled, osquery will send a POST request with a body containing the node key as in other osquery TLS requests. Server response is expected to be the same as unauthenticated requests: a plaintext yara signature file.
zwass
changed the title
Yara sigurl authenticate
Add --yara_sigurl_authenticate flag
zwass
mentioned this pull request
15 tasks
zwass
deleted the
yara-sigurl-authenticate
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters