Ubuntu 22.04にOsqueryをインストールする方法

2022年5月10日

環境
OSバージョンを確認します

# cat /etc/lsb-release

DISTRIB_ID=Ubuntu

DISTRIB_RELEASE=22.04

DISTRIB_CODENAME=jammy

DISTRIB_DESCRIPTION="Ubuntu 22.04 LTS"

# cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=22.04 DISTRIB_CODENAME=jammy DISTRIB_DESCRIPTION="Ubuntu 22.04 LTS"

# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04 LTS"

Osqueryのインストール手順
1.sources.listを追加します

# echo "deb [arch=amd64] https://pkg.osquery.io/deb deb main" | sudo tee /etc/apt/sources.list.d/osquery.list

deb [arch=amd64] https://pkg.osquery.io/deb deb main

# echo "deb [arch=amd64] https://pkg.osquery.io/deb deb main" | sudo tee /etc/apt/sources.list.d/osquery.list deb [arch=amd64] https://pkg.osquery.io/deb deb main

# echo "deb [arch=amd64] https://pkg.osquery.io/deb deb main" | sudo tee /etc/apt/sources.list.d/osquery.list
deb [arch=amd64] https://pkg.osquery.io/deb deb main

2.署名キーをインポートします

# sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B

Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).

Executing: /tmp/apt-key-gpghome.LW8ZciZxQa/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B

gpg: 鍵97A80C63C9D8B80B: 公開鍵"osquery (osquery) <osquery@fb.com>"をインポートしました

gpg: 処理数の合計: 1

gpg: インポート: 1

# sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)). Executing: /tmp/apt-key-gpghome.LW8ZciZxQa/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B gpg: 鍵97A80C63C9D8B80B: 公開鍵"osquery (osquery) <osquery@fb.com>"をインポートしました gpg: 処理数の合計: 1 gpg: インポート: 1

# sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
Executing: /tmp/apt-key-gpghome.LW8ZciZxQa/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B
gpg: 鍵97A80C63C9D8B80B: 公開鍵"osquery (osquery) <osquery@fb.com>"をインポートしました
gpg: 処理数の合計: 1
gpg:               インポート: 1

3.アップデートを実行します
# sudo apt update

4.aptコマンドで osqueryをインストールします

# sudo apt install osquery

# sudo apt install osquery

5.動作確認

# osqueryi

Using a virtual database. Need help, type '.help'

osquery> select * from os_version;

+--------+-----------------------------+-------+-------+-------+-------+----------+---------------+----------+--------+

+--------+-----------------------------+-------+-------+-------+-------+----------+---------------+----------+--------+

| Ubuntu | 22.04 LTS (Jammy Jellyfish) | 22 | 4 | 0 | | ubuntu | debian | jammy | x86_64 |

+--------+-----------------------------+-------+-------+-------+-------+----------+---------------+----------+--------+

# osqueryi
Using a virtual database. Need help, type '.help'
osquery> select * from os_version;
+--------+-----------------------------+-------+-------+-------+-------+----------+---------------+----------+--------+
| name   | version                     | major | minor | patch | build | platform | platform_like | codename | arch   |
+--------+-----------------------------+-------+-------+-------+-------+----------+---------------+----------+--------+
| Ubuntu | 22.04 LTS (Jammy Jellyfish) | 22    | 4     | 0     |       | ubuntu   | debian        | jammy    | x86_64 |
+--------+-----------------------------+-------+-------+-------+-------+----------+---------------+----------+--------+

Ubuntu 22.04

Posted by arkgame

関連投稿: