This sample app shows how to use the as_root feature as part of a QRadar app.
This app copies the contents of /etc/sudoers into /opt/app-root and prints the contents under the asRoot tab from QRadar.
The as_root feature lets app developers run commands as the root user.
This sample app uses as_root in container/run/copy_sudoers.sh.
The as_root option is only available at app start up; if it is used during normal runtime operation it will fail.
The as_root option should only be used when necessary, and is subject to strict validation (on submission to
X-Force Exchange) - there should be a justified and necessary reason for using it.
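A pre-submission check that follows from the two constraints above, added here as an example and not part of the sample app: it lists every as_root use in an app directory so each one can be justified, and flags uses outside the start-up scripts. It assumes as_root appears as a literal word in the app's files and that start-up scripts live under container/run, as in this sample; audit_as_root is a hypothetical helper name.

```shell
#!/bin/sh
# Added example (not part of the sample app). Assumptions: as_root appears as a
# literal word in the app's files, and start-up scripts live under
# container/run, as copy_sudoers.sh does in this sample.

# audit_as_root APP_DIR  (hypothetical helper name)
# Prints one row per use: STARTUP or REVIEW, a tab, then file:line:text.
# Returns 0 if every use is under container/run, 1 if any use is elsewhere
# (as_root fails outside start-up), 2 if APP_DIR is not a directory.
audit_as_root() {
    app_dir=${1%/}
    [ -d "$app_dir" ] || { echo "not a directory: $1" >&2; return 2; }
    # -w: whole word only, -I: skip binaries such as app.zip; docs are excluded.
    hits=$(grep -rnwI --exclude='*.md' -- 'as_root' "$app_dir" |
           grep -Ev '^[^:]+:[0-9]+:[[:space:]]*#' || true)
    [ -n "$hits" ] || return 0
    rc=0
    while IFS= read -r row; do
        file=${row%%:*}
        case "${file#"$app_dir"/}" in
            container/run/*) printf 'STARTUP\t%s\n' "$row" ;;
            *)               printf 'REVIEW\t%s\n' "$row"; rc=1 ;;
        esac
    done <<EOF
$hits
EOF
    return "$rc"
}

# Command-line use: sh audit_as_root.sh <app directory>
if [ "$#" -gt 0 ]; then
    audit_as_root "$1"
fi
```

Lines that are entirely comments are skipped, so a row in the output is a line that actually invokes or references as_root.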
You can run this app locally by executing in this directory:
qapp run
Or you can package this app and deploy it by executing in this directory:
qapp package -p app.zip
and
qapp deploy -p app.zip -q <qradar console ip> -u <qradar user>