Commit Graph

321 Commits

Author SHA1 Message Date
Kyle Creyts
19843b8253 first pass at ssh_config table (#4380) 2018-06-22 19:37:29 -07:00
M Amin
7623f5380f tables: Added NTFS ACL permissions virtual table (#4518) 2018-06-18 16:12:36 -04:00
Filipe Manco
0a08620b65 Move process namespaces to separate table (#4534) 2018-06-13 14:28:16 +01:00
Teddy Reed
e1676c9ef5 Make macOS signatures table architecture aware (#4525) 2018-06-11 14:03:57 -07:00
Filipe Manco
0f66afff6e Set parent to -1 on process_events (#4511) 2018-06-08 15:15:54 -07:00
Babatunde Micheal Okutubo
ffe025e0a3 tables: Report process limits on darwin and linux (#4219) 2018-06-08 10:53:17 -07:00
Filipe Manco
516b0147f0 Move process_event's status to extended schema (#4509) 2018-06-07 16:12:15 -07:00
Jason Meller
8456b34993 Add battery virtual table for Darwin (#4168) 2018-06-07 09:47:45 -07:00
Scott Lundgren
18564629ac Update docs around the users table to account for Windows (#4421) (#4422) 2018-06-05 23:07:14 -07:00
James Jerger
56bbd9a8b9 Tables: Add cpu_info table to windows (#4381) 2018-05-31 15:25:12 -07:00
Allan Liu
083c57e3f0 tables: memory related SMBIOS tables (#4409) 2018-05-25 21:29:43 +01:00
Drake Aronhalt
408d002403 Adding readonly_rootfs field to docker_containers table. (#4419) 2018-05-25 17:54:15 +01:00
Rutwa189
3de45f5abb Improve Python packages table (#4407) 2018-05-24 09:14:44 -07:00
Allan Liu
1c38b7626d tables: add link_speed column to interface_details for linux (#4320) 2018-05-17 14:35:20 -07:00
Allan Liu
a110c291fa tables: Virtual table implemention for memory devices from SMBIOS (#4138) 2018-05-17 17:33:35 -04:00
Steve Brito
c52276879a tables: adding bios_info table for Windows. (#4118) 2018-05-17 13:49:33 -07:00
Ben Isaacs
8fca2a21c1 add documentation for alf global_state (#4247) 2018-05-16 22:43:37 -04:00
Ngo The Trung
b748386ddb mac: add 'state' to process_open_sockets (#4253) 2018-05-15 11:28:42 +01:00
Nick Anderson
a338c86170 tables: adding user_groups table for Windows (#4217) 2018-05-14 16:48:16 -07:00
Giorgi Guliashvili
58969a1df7 Removed startup_items from linux platform. (#4373) 2018-05-14 23:50:28 +01:00
James Jerger
a5df5acc01 Refactor tables to bail out early on error. Add encryption method to bitlocker_info. (#4337) 2018-05-11 22:57:16 -07:00
Andrew Guthrie
a6064cf247 NPM Packages Table on Linux (#4315) 2018-05-10 19:11:30 -07:00
Steve Brito
8c22b59538 Add manufaturer and service to interface_details table for Windows (#4376) 2018-05-09 18:07:07 -07:00
Nick Anderson
4125297158 tables: adds a Powershell events table to Windows (#4351) 2018-05-07 10:26:43 -07:00
Rich5
aea381e147 Correct process uid for user name mapping and added is_elevated_token column (#4369) 2018-05-06 20:14:59 -07:00
Filipe Manco
446ae4c366 Add namespaces to processes table on linux (#4263) 2018-05-03 18:12:53 +01:00
Mitchell Grenier
5bd021a84f Cups Jobs and Cups Destinations (#4278) 2018-05-02 15:03:17 -07:00
Mitchell Grenier
8d16ae3887 Add an mdfind table to macOS (#4313) 2018-05-02 10:58:12 -07:00
Gabi Purcaru
0d1425266a Added certificate serial number column (#4290) 2018-04-18 07:30:12 -07:00
Ngo The Trung
f1a630735e tables: Add yum_sources table (#4213) 2018-04-05 13:27:59 +01:00
James Jerger
3abadc77d7 tables: Add video_info table to collect video card information (#4226) 2018-03-30 21:35:11 -07:00
Richard Metzler
3df60e6c7c docs: shadow only works for root / sudo (#4228) 2018-03-30 13:58:22 -07:00
James Jerger
ab26abb2d6 tables: Add windows disk_info table (#4177) 2018-03-21 11:42:44 -07:00
Jonathan Keljo
bf707ef4a9 mac/linux: add disk I/O columns to processes table (#4204) 2018-03-21 09:46:26 -07:00
Nick Anderson
2cf2601f77 perf: refactoring drivers table for performance (#4195) 2018-03-20 17:06:36 -07:00
Jason Meller
dab7d67b86 Add account_policy_data virtual table for macOS (#4165) 2018-03-09 09:02:47 -08:00
Cem Gürkök
1e432dcd4c adding fields to docker_containers table (#4167) 2018-03-02 10:20:59 -08:00
* adding fields to docker_containers table
* adding more fields: path, entrypoint
* addressing comments by obelisk
* pid to int and osquery::join use
Alessandro Gario
abfcaf0d0e List all sockets (host and containers) in process_open_sockets (#4024) 2018-02-22 00:36:51 +00:00
James Jerger
6c3e90e170 Add bitlocker_info to Windows (#4113) 2018-02-09 17:06:32 +00:00
Teddy Reed
fad4a748c0 tables: Add cpu_microcode to system_info (#4028) 2018-01-20 20:24:09 -05:00
Alessandro Gario
44e03bada9 process_file_events: Add fields euid and egid and cleanup logs 2018-01-15 20:19:05 -08:00
Alessandro Gario
02caa95774 audit: Rename audit_fim_events to process_file_events 2018-01-15 20:12:58 -08:00
Alessandro Gario
d72779c784 Update column names, add switch to clear Audit config on startup (#3611) 2018-01-15 20:02:27 -08:00
Alessandro Gario
9c0bd4abfb audit-based file integrity monitoring (#3492) 2018-01-15 19:57:50 -08:00
Nick Anderson
d73222326f tables: updating row description for kva_speculative_info (#4044) 2018-01-09 11:43:19 -08:00
Teddy Reed
de19f0b6c2 tables: Replace apt_sources with crude string parsing (#4034) 2018-01-07 00:26:27 -08:00
Nick Anderson
85133d8ad0 tables: adding windows table for KVA and speculative exec info (#4027) 2018-01-05 10:53:02 -08:00
Dave Kukfa
6ddbdc0fea tables: Implemented Windows crashes table (#3696) 2017-12-28 21:09:10 -08:00
Teddy Reed
33ab8b6e5d config: Inspect blacklisted queries (#4004) 2017-12-17 19:25:42 -08:00
Reed Loden
6b6723110f tables: Add linux shadow table (#3902) 2017-11-28 00:51:44 -08:00