Spry LogoOpsfolio
Threat Exposure Management (TEM)

Quick Start

Project setup and execution guide

Getting Started

Step One

  • Ensure you have generated an RSSD using EAA or that you already own an RSSD.
  • Write SQL views and queries in .sql files and supporting queries in a Markdown file.
  • Ingest these SQL views and queries into your RSSD and view the Web UI using Surveilr.

First Project

  • Create a directory for your project:
mkdir project-tem
  • Copy or place your RSSD file into this directory (for example: tem.sqlite.db).
  • Create a sqlpage.json file inside a sqlpage folder:
mkdir sqlpage && cd sqlpage

cat <<EOF > sqlpage.json
{
  "database_url": "sqlite://tem.sqlite.db?mode=rwc",
  "allow_exec": true,
  "port": 9227
}
EOF
  • Write your SQL views in a file with a .sql extension (for example: stateless.sql).
  • Write SQL queries that call these views inside a Markdown file (for example: Spryfile.md).
  • Create interpretations and store them inside a folder named interpretation at the same level.

Project Structure

Your directory should look like this:

project-tem/
├─ Spryfile.md
├─ stateless.sql
├─ tem.sqlite.db
├─ interpretation/
   └─ *.md
├─ sqlpage/
   └─ sqlpage.json

Manual Steps

Add the following executable blocks at the top of Spryfile.md.

Ingest Interpretations into sqlite.db

#!/usr/bin/env bash
surveilr ingest files -r interpretation -d tem.sqlite.db

Ingest SQL Views from stateless.sql into sqlite.db

#!/usr/bin/env bash
cat stateless.sql | sqlite3 tem.sqlite.db

Ingest SQL Query from Spryfile.md into sqlite.db

#!/usr/bin/env bash
spry sp spc --md Spryfile.md  --package --conf sqlpage/sqlpage.json | sqlite3 tem.sqlite.db

View the sqlite.db Locally Using Surveilr

#!/usr/bin/env bash
surveilr web-ui -d tem.sqlite.db

Access the Web UI

Use the following command to start the local Web UI and open it in your browser:

#!/usr/bin/env bash
echo "Visit http://localhost:9227"

Automated Step

  • Copy paste the manual commands inside Spryfile.md as an executable block
  • Then verify by running these are executables by:
spry rb ls Spryfile.md
  • if you see the tasks listed, you are good to go.
  • Finally run the entire Spryfile by:
spry rb run Spryfile.md --verbose rich

Final Execution

Final command to run all scripts and launch the Web UI:

Run this from the root of your project directory.

spry rb run Spryfile.md --verbose rich

Then visit localhost

How is this guide?

Last updated on

Download Operational Truth™ - Fleet Security TEM Module

Fleet Security TEM is a downloadable software package that must be installed on a local workstation or server environment. The software is not web-based and requires local installation to operate. To install Fleetfolio TEM, users must first set up the required software dependencies and then download and install the primary Fleetfolio TEM application package by following the provided installation instructions.

On this page

Getting Started
Step One
First Project
Project Structure
Manual Steps
Ingest Interpretations into sqlite.db
Ingest SQL Views from stateless.sql into sqlite.db
Ingest SQL Query from Spryfile.md into sqlite.db
View the sqlite.db Locally Using Surveilr
Access the Web UI
Automated Step
Final Execution