Prebuilt packs reference

This section lists all prebuilt packs available for Osquery Manager. Each pack is also available as a saved object, with the name Pack: <pack-name>.

For more information, refer to Prebuilt Elastic packs.

| Name | Description | Source | Added |
|------|-------------|--------|-------|
| hardware-monitoring | Monitor for hardware changes. | Osquery | 8.2 |
| incident-response | Detect and respond to breaches. | Osquery | 8.2 |
| it-compliance | Identify outdated and vulnerable software. Dashboard: [Osquery Manager] Compliance pack | Osquery | 8.2 |
| osquery-monitoring | Monitor Osquery info and performance. | Osquery | 8.2 |
| ossec-rootkit | Run rootkit detection queries to monitor for compromise. Dashboard: [Osquery Manager] OSSEC rootkit pack | Osquery | 8.2 |
| osx-attacks | Identify compromised macOS systems. | Osquery | 8.2 |
| unwanted-chrome-extensions | Monitor for malicious Chrome extensions. | Osquery | 8.2 |
| vuln-management | Identify system vulnerabilities. | Osquery | 8.2 |
| windows-attacks | Monitor for evidence of Windows attacks. | Osquery | 8.2 |