Evil.Plumbing

A landing page for a conference talk, or an excuse to buy a cool domain?

Bring an SSH client.
If you have a favorite IRC client, bring it. VMs provided have irssi.
If possible, bring a Windows VM (2012 server and up, or Windows 10).
If possible, bring a Ubuntu 18.04 VM in case the network goes down.
Bonus: If you have a Mac, bring a maCOS VM or install osquery on it (we will not output data from it to anywhere but your screen during the workshop).

Join #osqueryworkshop on Freenode via IRC in advance if you want. I should be hanging out in there at least a few hours a day until the workshop.

Ubuntu: dpkg -i filename.deb

Mac: Install Package

Windows: choco install osquery

Mac/Linux: Run osqueryi in a shell. It should be in your path.
In osqueryi, run select * from uptime;

Windows: Run osqueryi from C:\programdata\osquery - it will NOT be in your path.
In osqueryi, run select * from uptime;

Guillaume Ross - @gepeto42

Evil Dot Plumbing