velociraptor-discuss

It is not enough to have OIDC configured - you also need to add the user to the Velociraptor system

you will need to use the "centos" build on the releases page as it was built for a very old

Hi, Is anyone having a problem querying clients() from the command line for velociraptor 6.3? I'

Thanks Mike, I was able to partially resolve some of this (my node naming convention was off - didn

Hi Mike Thank you for detailed explanation. I fully resolved my question. As you said, MarshalText is

OK, that make sense. I'm not sure what is changing it, I'll do some poking around. Thanks for

Hi Orcun, Let me reply to you off the list :-) Thanks Mike Mike Cohen Digital Paleontologist,

Hi Velociraptor users, We received reports this morning that some users are experiencing Let's

Hi Orcun, Lot of folks were interested in your question and I think this is a very important topic -

Hi Mike. Thank you for detailed explanation with internal behaviors. My question was completely

It seems I was wrong - the file_store() function does in fact sanitize the path properly and also

This was discussed here https://github.com/Velocidex/velociraptor/issues/1143 with a proposed

Thank you. On Tuesday, December 7, 2021 at 8:38:18 AM UTC-5 mi...@velocidex.com wrote: Just to let

I discovered that the VM had originally been used as a Velo server and is used as a client. So I

You can just use the python API to run any queries from python and get the json to do whatever you

Thanks Mike, your response got me pointed in the right direction. Here's what I came up with that

When you run the query in a notebook you are actually running it on the server (which is probably

Thanks Mike, as always :-) We have that clock running to automaticly schedule the check artifact each

Not sure if this helps, but Whitney and I did a talk at DFIR summit about this. https://www.youtube.

thank you for the prompt response On Tuesday, September 21, 2021 at 2:05:15 PM UTC-7 mike_cohen wrote

There's still time to submit your entry to the Velociraptor Contributor Contest. We'll be

Is there any clues in the query log? On Monday, September 6, 2021 at 6:03:36 PM UTC+10 learning...@

It looks like your clients are not properly installed - how have you deployed them? They need to

My apologies! The above script works correct, what i failed to do was unload the artifact from the

Forget the qst. Was a firewall issue! Thanks anyway El martes, 27 de julio de 2021 a las 19:01:29 UTC

Hello Mike, Thanks a lot for your help ! Everything works as i wanted, so i just did "

As you can see the artifacts_with_results contain two artifacts: artifacts_with_results': ['

Velociraptor uses the write back file located in the config file to store it's private key and

Got it working, thanks for the help. We decided to not go with our own GoDaddy-provided cert, as the

that worked, thank you On Friday, May 28, 2021 at 6:05:52 PM UTC-4 Mike Cohen wrote: Can you search