If you're testing some software that will provide configurations to osquery endpoints but you don't want to spin up hundres of virtual machines, you can use this code (with some modifications) to simulate as many endpoints as you want. They generate the traffic that an endpoint would generate and you can see how your server is responding.
- Clone the repo
- Make sure you have erlang installed
- Copy
config.yaml.exampletoconfig.yaml - Edit
config.yamlto taste - run
./start_servers
The file config.yaml will set the base url that osq_simulator will try to
contact to enroll the fake servers. This should be the dns address of the server
with a protocol on the front, such as http://localhost:4567.
Osquery servers will normally try to enroll using an enroll secret value which
is also set in config.yaml.
If you're using this with a server like windmill
which takes the id and group with the enroll secret then in your config.yaml file
make sure to set send_id and send_group to true.
Finally, in the groups variable, set a group name and the number of endpoints you want from that group.