Osquery - Use 'systemctl' instead of 'service'

computablefacts · Nov 11, 2024 · dcaef64 · dcaef64
1 parent 756599a
commit dcaef64
Showing 1 changed file with 2 additions and 5 deletions.
diff --git a/app/Models/YnhOsquery.php b/app/Models/YnhOsquery.php
@@ -309,12 +309,9 @@ public static function monitorServer(YnhServer $server): string
 fi
 
 # Stop Osquery then LogAlert because reloading resets LogAlert internal state (see https://github.com/jhuckaby/logalert for details)  
-osqueryctl stop osqueryd
+systemctl stop osqueryd
 systemctl stop logalert
 
-# An attempt at dealing with https://github.com/osquery/osquery/issues/8064
-sleep 20
-
 # Cleanup
 if [ -f /opt/logparser/12408bd3.jsonl.gz ]; then
   rm /opt/logparser/12408bd3.jsonl.gz
@@ -418,7 +415,7 @@ public static function monitorServer(YnhServer $server): string
 
 # Start LogAlert then Osquery because reloading resets LogAlert internal state (see https://github.com/jhuckaby/logalert for details)  
 systemctl start logalert
-osqueryctl start osqueryd
+systemctl start osqueryd
 
 # If fail2ban is up-and-running, whitelist AdversaryMeter IP addresses
 if systemctl is-active --quiet fail2ban; then