valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 09:58:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
5,642 Commits 2 Branches 109 Tags 25 MiB
184114e300
Commit Graph

346 Commits

Author SHA1 Message Date
Giorgi Guliashvili
21228c3172
put config backup feature behind killswitch (#5100) 2018-08-27 17:16:43 +01:00
Giorgi Guliashvili
561fda3aa0
config backup (#4935) 2018-08-20 14:24:24 +01:00
Giorgi Guliashvili
84698b3e84
get rid of alias verbose_debug and debug (#4972) 2018-08-20 14:17:03 +01:00
Teddy Reed
512f775c58
Remove boost SHA1 UUID dependency (#5070) 2018-08-19 21:55:00 -04:00
Alexander
f850714642
Remove safeStrtol from conversion.h (use tryTo<long> instead) (#4768) 2018-08-10 11:05:57 +01:00
Giorgi Guliashvili
4b7e211965
pauseMili to pause transform (#4796) 2018-08-02 16:57:02 +01:00
Alexander
9e798eb162
Remove safeStrtoll from conversions.h and change all usecases to tryTo<> (#4754) 
Also I've used a throwning std::stoll because the tests should not be exception safety and must fail if something goes wrong.
 2018-07-26 10:57:52 +01:00
Giorgi Guliashvili
80bfef9f77
setThreadName boilerplate removal (#4749) 2018-07-23 19:50:35 +01:00
Mitchell Grenier
69d307b64c
Add labels for threads (#4295) 2018-07-23 11:13:43 -07:00
Teddy Reed
112a33ddc0
cleanup: Migrate calls to tryTo from 4683 (#4710) 2018-07-21 12:19:33 -04:00
Giorgi Guliashvili
94397d3c04
get rid of unnecessary ptree includes (#4727) 2018-07-19 10:45:40 +01:00
Giorgi Guliashvili
386ccb5e96
disable malfunctioning new features on the fly using killswitch (#4671) 2018-07-18 22:11:19 +01:00
Giorgi Guliashvili
61b66559fa
remove old version of schedule from the codebase and tests (#4707) 2018-07-14 19:18:28 +01:00
Teddy Reed
fa4f63fb84
tables: Remove lexical_cast include from tables (#4683) 2018-07-14 11:42:44 -04:00
Vova Mishatkin
0cc9b84e4f
Add tests for file_paths_query (#4693) 2018-07-11 18:29:55 +01:00
Teddy Reed
6d5f94b2c6
flags: Separate flags and flagalias (#4682) 2018-07-10 23:04:39 -04:00
Vova Mishatkin
dbac4ea67c
Add the ability to specify file_paths with sql queries (#4678) 2018-07-10 16:24:13 +01:00
Max Kareta
6ab2a83a61
Refactor/cmake 5 (#4642) 2018-06-26 16:54:08 +01:00
Alexander
f9e9fdb962 Remove unused unused mutex 'config_valid_mutex_' from config (#4637) 2018-06-26 16:01:28 +01:00
Filipe Manco
b67fc0eb28
Comment out unused parameter to make linter happy (#4606) 2018-06-19 22:02:32 +01:00
iBigQ
0bce73c846 Parse structured options as string (#4567) 
* Parse structured options as string

* Added option parsing test

* fix option json test

* fix formating
 2018-06-19 17:11:51 +01:00
Max Kareta
4b8d7f0c53
moved from file(GLOB); added CMAKE_CURRENT_LIST_DIR to support include syntax (#4582) 2018-06-18 14:24:20 +01:00
Filipe Manco
b512f4be6d
ATCPlugin fix ctor initialization order (#4540) 2018-06-13 17:17:28 +01:00
Alexander
4c2925743e If config update call from extension failed, do not go further (#4517) 2018-06-08 10:15:46 -07:00
Mitchell Grenier
6ea8ceb944
Allow ATC to ignore DB locking (#4414) 2018-06-06 12:30:31 -07:00
Alexander
e6f69e6480 Use std::vector instead of std::list for PackRef in Config implementation (#4485) 2018-06-04 09:46:54 -07:00
Alexander
a4ca8b1048
Rid off the shared_ptr using from config schedule (#4423) 
there is no reason to share this objects
 2018-06-04 10:34:32 +01:00
Max Kareta
5aca61375f
reorganized includes to improve compile time (#4445) 2018-05-30 00:17:40 +01:00
Filipe Manco
c485474ad6
Enable configure() calls on logger plugins (#4434) 2018-05-29 09:58:07 +01:00
Filipe Manco
67f95baf6e
Fix files with no new line at eof (#4426) 2018-05-24 20:12:31 +01:00
Alexander
8de02701f2 Apply const qualifier for Config::packs(...) method (#4387) 2018-05-18 18:37:33 +01:00
Teddy Reed
201dd6d940 packs: Fix blacklist option bool assumption (#4400) 2018-05-18 11:58:59 +01:00
Alexander
bfb6c13674 Add const qualifier to some Config methods (#4383) 2018-05-11 09:36:48 +01:00
Alexander
1a48150be0 Pass name of query to lambda in Config::scheduledQueries by value (#4367) 2018-05-09 14:56:19 +01:00
Nick Anderson
4125297158
tables: adds a Powershell events table to Windows (#4351) 2018-05-07 10:26:43 -07:00
Mitchell Grenier
192ccaeaed
New ATC Tables (#4271) 2018-05-04 13:54:14 -07:00
Teddy Reed
f5abb45919
Fast code audit for flags and dispatcher (#4355) 2018-05-01 22:47:01 -04:00
Filipe Manco
161653b2b4 Make options parser ignore invalid options (#4345) 2018-05-01 21:55:33 -04:00
Teddy Reed
349f401161
Move singleton accessors into implementations (#4347) 2018-05-01 14:56:51 -04:00
Teddy Reed
4f531b9a7c
config: Parser keys should be objects or arrays (#4281) 2018-04-13 10:10:53 -04:00
Filipe Manco
1bbdff8c7a
Replace ptree with JSON on serialization code (#4128) 2018-03-01 00:36:24 +00:00
Teddy Reed
65a85799f5
extensions: Allow option accesses in extensions (#4142) 2018-02-21 17:52:35 -08:00
Mitchell Grenier
3f7dda4475 Fix RapidJSON error asserting in configuration (#4086) 2018-02-11 01:16:38 -08:00
Teddy Reed
483fbbb594
query: Force query results into proper order (#2947) 2018-01-21 01:20:48 -05:00
Teddy Reed
90a737ead7
Replace most of boost::property_tree with rapidjson (#3910) 2018-01-20 20:58:01 -05:00
Teddy Reed
f6d077cbf7
license: Change license to Apache 2.0 and GPLv2 (#4007) 2017-12-18 16:04:06 -08:00
Teddy Reed
e71390ca82
config: Allow scheduled queries to set blacklist=false (#4005) 2017-12-18 08:42:00 -08:00
Teddy Reed
33ab8b6e5d
config: Inspect blacklisted queries (#4004) 2017-12-17 19:25:42 -08:00
Teddy Reed
70a214b8a6
logger: Remove invalid assumptions about status logging (#4001) 2017-12-17 09:44:15 -08:00
Teddy Reed
13dfd0148c
audit: Force include and source files to be 100644 (#3971) 2017-11-30 02:01:04 -08:00
Alessandro Gario
58fa4a6899 Verbose logging when spawning services (#3689) 2017-10-24 19:55:05 -07:00
Teddy Reed
19930bfed3 logger: Reconfigure verbosity with logger_min_level (#3676) 2017-09-09 19:11:56 -07:00
Allan Liu
1cd4ed949f kafka logger: Kafka producer implemented as a Logger plugin (#3155) 2017-09-09 10:38:01 -07:00
Seshu Pasam
6fab8b6083 logging: adding "counter" to differentiate initial results (#3651) 
When setting up alerts for differential logs data you might want to skip the
initial added records. counter can be used to identify if the added records
are all records from initial query of if they are new records. For initial
query results that includes all records counter will be "0". For subsequent
query executions counter will be incremented by 1. When epoch changes, counter
will be reset back to "0".
 2017-09-07 15:01:15 -07:00
Teddy Reed
cf170c4278 cleanup: Move query out of database header (#3576) 2017-08-20 02:44:38 -07:00
uptycs-nishant
5a92d2c7f0 Implementing exclude paths for FIM (#3530) 2017-08-19 19:59:23 -07:00
Teddy Reed
d6184f62b5 Set config refresh to 1 hour and fix retry (#3469) 2017-07-17 22:28:11 -07:00
Teddy Reed
57f04c4c49 General code cleanup for the config (#3467) 2017-07-17 11:38:21 -07:00
Lambda Conjecture
ecb9e2ccf2 Add Epoch marker to scheduled query results (#3378) 2017-07-07 17:56:03 -07:00
Teddy Reed
28c10a415f freebsd: Update Vagrantfile, config tests, and remove hidden visibility (#3419) 2017-06-18 18:30:57 -07:00
Teddy Reed
f8f5718297 watcher: Do not initialize the config in watcher (#3403) 2017-06-13 17:26:34 -07:00
Teddy Reed
8ad086098c watcher: Add initial watchdog delay (#3360) 2017-06-08 18:03:30 +01:00
Teddy Reed
eb4536dceb config: Only reconfigure if content changes (#3356) 2017-05-30 19:22:41 -07:00
Teddy Reed
31eb83a1f4 packs: Allow posix in pack platform selection (#3364) 2017-05-29 23:13:59 -07:00
Teddy Reed
49ed383017 config: Unify the config refresh logic (#3351) 2017-05-29 14:09:44 -07:00
Teddy Reed
8a93acfa1c TSAN: Address failures and findings in LLVM 4.0 (#3343) 2017-05-29 02:06:57 -07:00
Teddy Reed
b38a62be8b config: Rename getInstance to get for consistency (#3350) 2017-05-28 23:04:53 -07:00
Mitchell Grenier
62beb1e547 Fix #3220 Error loading packs not verbose enough (#3333) 2017-05-26 14:07:50 -07:00
Teddy Reed
775a4cdcce flags: Allow custom flags in configuration (#3301) 2017-05-25 21:29:31 -07:00
Mitchell Grenier
fe1418f240 Adding a config block to create views (#3306) 2017-05-24 21:03:15 -07:00
Teddy Reed
fb287745c6 linux: Use lld and ThinLTO on Linux (#3284) 2017-05-14 14:23:50 -07:00
Teddy Reed
bc13431394 freebsd: Fix tests and additional_tests (process, config) (#3239) 2017-04-29 19:53:53 -07:00
Teddy Reed
c36a6253b5 packs: Run centos and ubuntu platforms on all Linux (#3088) 2017-03-21 01:11:57 -07:00
Teddy Reed
69bb69fd6d events: Inspect schedule and improve tests (#3087) 2017-03-20 22:03:09 -07:00
Allan Liu
3c3d649b1e Prometheus Metrics table (#2925) 2017-02-26 21:59:51 -08:00
Santosh Ananthakrishnan
d3adaedbb1 Allow reloading filesystem config with --config_refresh (#2967) 2017-02-26 17:45:06 -08:00
Mitchell Grenier
9c3ef43806 Adding success awareness to TLS config plugin (#2877) 2017-01-30 14:08:37 -08:00
Teddy Reed
2713926990 Fix deadlock in decorator execution (#2916) 2017-01-17 17:13:09 -08:00
Teddy Reed
5097dfe775 config: Add schedule lock during source update (#2902) 2017-01-11 00:05:01 -08:00
Teddy Reed
0178419085 Add a TLS config plugin test that runs the scheduler (#2898) 2017-01-10 19:52:58 -08:00
Teddy Reed
0e9733f94c Simplify Registry and plugin concepts (#2887) 2017-01-07 12:21:35 -08:00
Jonathan Lee
383e07e5be [Fix #2734] Remove OpenSSL link dependency for osquery core (#2750) 2016-12-22 00:37:59 -08:00
lambda-conjecture
6e1af3954e Add --enroll_always flag for TLS config plugin (#2827) 2016-12-06 21:56:56 -08:00
Teddy Reed
deed140080 [#1773] Introduce multi-pack configuration syntax (#2787) 2016-11-22 09:35:03 -08:00
Teddy Reed
d402a6ad45 Allow configuration JSON to include escaped newlines (#2785) 2016-11-19 15:01:40 -08:00
Teddy Reed
59f0bad67c Additional compiler checks, including shadow (#2486) 2016-11-06 01:17:04 -08:00
Teddy Reed
a3acf2a3e5 Fix Config TLS plugin default verb (#2708) 2016-11-02 17:08:44 -07:00
Teddy Reed
b814fd54dc [Fix #2674] Add SQLite prepare lock to shell_exec (#2677) 2016-10-24 08:25:38 -07:00
Teddy Reed
215933622f [Fix #2658] Increase max interval to 1 week (#2659) 2016-10-20 19:35:22 -07:00
Teddy Reed
257535e5a2 Correct config-loaded meaning to be has-run-load (#2528) 2016-09-26 22:34:03 -07:00
Teddy Reed
4d1451c9b4 Add extensions SDK incompatibility checking (#2527) 2016-09-26 17:32:41 -07:00
lambda-conjecture
49d939b93d Fix update of event plugins when config fails to load at startup (#2507) 2016-09-23 19:30:33 -07:00
Teddy Reed
a6589c49e3 [Fix #2482] Use atomic member in Dispatcher tests (#2494) 2016-09-21 10:52:52 -07:00
yying
a7af70d021 Adding remote config/logging capabilities to Windows build (#2469) 2016-09-20 14:18:58 -07:00
Zachary Wasserman
9701c55d96 Add active column to osquery_packs table (#2475) 2016-09-19 13:00:11 -07:00
yying
a27d6567e4 Core and Additional Tests (#2441) 2016-09-12 09:46:52 -07:00
yying
84e6a3401a Reducing compiler warnings and fails on warn in VS (#2433) 2016-09-02 15:04:03 -07:00
artemdinaburg
d8bfe962aa Fix Windows under 1.8 build system (#2333) 2016-08-10 14:06:47 -07:00
Teddy Reed
c22f6147ea Move OSQUERY_HOME into core and use as filesystem config default (#2275) 2016-07-21 13:28:23 -07:00
yying
547e8f961c CMake configuration file changes to support Windows (#2258) 2016-07-20 23:48:55 -07:00