From cb73eed69bc9ef75cf1b4eb9bad3a3e3f191cc42 Mon Sep 17 00:00:00 2001
From: Toni de la Fuente
Date: Mon, 29 Feb 2016 17:16:50 -0500
Subject: [PATCH 1/2] added support to osquery
---
 include/tests_file_integrity | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
diff --git a/include/tests_file_integrity b/include/tests_file_integrity
index 278f2d07..7ce0831e 100644
--- a/include/tests_file_integrity
+++ b/include/tests_file_integrity
@@ -268,6 +268,23 @@
 #
 #################################################################################
 #
+ # Test : FINT-4351
+ # Description : Check if osquery system integrity tool is running
+ Register --test-no FINT-4351 --weight L --network NO --description "osqueryd syscheck daemon running"
+ if [ ${SKIPTEST} -eq 0 ]; then
+ LogText "Test: Checking if osqueryd syscheck daemon is running"
+ IsRunning osqueryd
+ if [ ${RUNNING} -eq 1 ]; then
+ LogText "Result: syscheck (osquery) installed"
+ FILE_INT_TOOL="osquery"
+ FILE_INT_TOOL_FOUND=1
+ Display --indent 4 --text "- osquery (syscheck)" --result FOUND --color GREEN
+ else
+ LogText "Result: syscheck (osquery) not installed"
+ fi
+ fi
+#
+#################################################################################
 Report "file_integrity_tool=${FILE_INT_TOOL}"
 Report "file_integrity_tool_installed=${FILE_INT_TOOL_FOUND}"
From 617ede868655e919581f629c2279b8328b1e1dd7 Mon Sep 17 00:00:00 2001
From: Toni de la Fuente
Date: Mon, 29 Feb 2016 17:27:07 -0500
Subject: [PATCH 2/2] Update tests_file_integrity
---
 include/tests_file_integrity | 38 ++++++++++++++++++------------------
 1 file changed, 19 insertions(+), 19 deletions(-)
diff --git a/include/tests_file_integrity b/include/tests_file_integrity
index 7ce0831e..8315fc20 100644
--- a/include/tests_file_integrity
+++ b/include/tests_file_integrity
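Review bot: `IsRunning osqueryd` only shows that the daemon process exists, yet the FINT-4351 block added by [PATCH 1/2] then sets `FILE_INT_TOOL_FOUND=1` and logs "installed" / "not installed", so an audit can credit a host with file integrity monitoring that osquery is not actually performing. osquery watches files only when its configuration defines `file_paths` and a scheduled query reads `file_events`; nothing in this hunk checks for either. The "syscheck" wording is not an osquery term and appears to be carried over from another tool's test. At minimum make the log lines say what was tested, e.g. `LogText "Result: osqueryd is running (file integrity configuration not verified)"` and `LogText "Result: osqueryd is not running"`. The same block is re-added unchanged by the first hunk of [PATCH 2/2].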
@@ -246,6 +246,24 @@
 Display --indent 6 --text "- Directory/File watches" --result DISABLED --color YELLOW
 fi
 fi
+
+#################################################################################
+#
+ # Test : FINT-4351
+ # Description : Check if osquery system integrity tool is running
+ Register --test-no FINT-4351 --weight L --network NO --description "osqueryd syscheck daemon running"
+ if [ ${SKIPTEST} -eq 0 ]; then
+ LogText "Test: Checking if osqueryd syscheck daemon is running"
+ IsRunning osqueryd
+ if [ ${RUNNING} -eq 1 ]; then
+ LogText "Result: syscheck (osquery) installed"
+ FILE_INT_TOOL="osquery"
+ FILE_INT_TOOL_FOUND=1
+ Display --indent 4 --text "- osquery (syscheck)" --result FOUND --color GREEN
+ else
+ LogText "Result: syscheck (osquery) not installed"
+ fi
+ fi
 #
 #################################################################################
 #
@@ -266,25 +284,7 @@
 fi
 fi
 #
-#################################################################################
-#
- # Test : FINT-4351
- # Description : Check if osquery system integrity tool is running
- Register --test-no FINT-4351 --weight L --network NO --description "osqueryd syscheck daemon running"
- if [ ${SKIPTEST} -eq 0 ]; then
- LogText "Test: Checking if osqueryd syscheck daemon is running"
- IsRunning osqueryd
- if [ ${RUNNING} -eq 1 ]; then
- LogText "Result: syscheck (osquery) installed"
- FILE_INT_TOOL="osquery"
- FILE_INT_TOOL_FOUND=1
- Display --indent 4 --text "- osquery (syscheck)" --result FOUND --color GREEN
- else
- LogText "Result: syscheck (osquery) not installed"
- fi
- fi
-#
-#################################################################################
+
 Report "file_integrity_tool=${FILE_INT_TOOL}"
 Report "file_integrity_tool_installed=${FILE_INT_TOOL_FOUND}"
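Review bot: `FILE_INT_TOOL="osquery"` in the relocated FINT-4351 block assigns unconditionally, so the single `file_integrity_tool=` report line names only the last tool whose test matched, and moving the block may change which tool that is on hosts running more than one. The tests before and after the new position are outside the hunk, so this is inferred from the assignment alone. The move itself carries no explanation; a short comment above the block stating why it must precede the following section (for example `# Keep above the tests that evaluate FILE_INT_TOOL_FOUND`, if that is the reason) would stop the ordering from being undone later. The second hunk only removes the old copy.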