Not yet, and we are interested in what the community and potential customers are looking for.
Here are some informal thoughts on things that I believe will benefit folks:
- One agent to rule them all. We want to provide (or allow users to build) any security/IT/compliance monitoring they need by deploying a single agent (osquery).
- Build alerting and enrichment into Fleet so that queries can be defined along with the alerts and enrichment (thinking to evolve the YAML format to support some of these things).
- Make it easier to deploy and update osquery and extensions.
- Build a datastore tailored to storing information logged from osquery (not competing with Splunk/ELK for longer-term storage, but making the management and querying of "facts" available from osquery more efficient).
- Fine-grained authorization that allows exposing the capabilities of Fleet to more of the organization without compromising security/stability.
- Privacy and user respect are important: expose a UX for endpoint users to understand how/what data is being collected from their devices.
Do these things resonate with you? What are your needs?