Commit Graph

1361 Commits

Author SHA1 Message Date
Javier Marcos
29325cf893 Merge pull request #634 from facebook/removing_glog_install
Fix for #611, CentOS compilation error and removing system wide glog install
2015-01-17 18:35:52 -08:00
Teddy Reed
09ce5099b2 Merge pull request #632 from theopolis/osx_boot_info
OSX IOKit registry and ACPI table data
2015-01-17 17:56:51 -08:00
Teddy Reed
545a6b0930 Merge pull request #629 from marpaia/cmdline-whitespace-fix
Fix for #628
2015-01-17 17:51:06 -08:00
Teddy Reed
380e680064 Merge pull request #633 from theopolis/qc_stacking
[Fix #630] Clear stacking index plans
2015-01-17 17:49:47 -08:00
Javier Marcos
a324a22fbc Fix for #611, CentOS compilation 2015-01-17 17:23:41 -08:00
Mitchell Grenier
c1a1013e5a Minor code changes and namespacing 2015-01-16 12:03:23 -08:00
Teddy Reed
ba716712cf [Fix #630] Clear stacking index plans 2015-01-16 06:47:32 -08:00
Teddy Reed
1df958c583 ACPI tables for OSX 2015-01-15 21:37:02 -08:00
Mitchell Grenier
e6e722dd17 Modified config.cpp to not use the old MD5 implementation 2015-01-15 17:40:42 -08:00
Mitchell Grenier
570c6a32f3 Moved hashing functions into core. #include<osquery/hash.h> 2015-01-15 17:16:05 -08:00
Mitchell Grenier
c13a0e79a5 Most hashing stuff working though rerun bug is still plaguing the queries 2015-01-15 15:06:30 -08:00
mike@arpaia.co
cdc3bfa6e0 Adding whitehat information to README
close #627
2015-01-15 13:59:46 -08:00
Teddy Reed
803204a9dd iokit_registry table 2015-01-15 12:53:46 -08:00
mike@arpaia.co
aef517a29e Fix for #628 2015-01-15 12:11:25 -08:00
Teddy Reed
7eba35514e Merge pull request #621 from theopolis/qc_join
[Fix #620] Add query plan estimates bias toward constraints
2015-01-14 00:52:34 -08:00
Teddy Reed
663e481d9e [Fix #620] Add query plan estimates bias toward constraints 2015-01-13 21:17:15 -08:00
Teddy Reed
6bd6fce8f5 Merge pull request #614 from maus-/initscript
Added basic init script
2015-01-13 19:06:13 -08:00
Teddy Reed
dc292a867e Merge pull request #618 from theopolis/iokit_silence
Treat IOKit HID failures as warnings
2015-01-13 19:04:28 -08:00
Teddy Reed
367709429e Treat IOKit HID failures as warnings 2015-01-13 17:25:11 -08:00
maus-
93e03b5553 Rename osquery.initd to osqueryd.initd 2015-01-13 16:39:00 -08:00
maus-
d5e6d3eab8 Delete osqueryd.initd 2015-01-13 16:38:49 -08:00
maus-
d16af10d23 Cleaned up wording 2015-01-13 16:38:11 -08:00
Teddy Reed
4db7c90758 Merge pull request #608 from theopolis/linux_ports
Moved socket_inode on Linux to process_open_files
2015-01-13 14:54:35 -08:00
Teddy Reed
a709a34220 Merge pull request #605 from theopolis/fix_599
[Fix #599] Rename kextstat->kernel_extensions
2015-01-13 14:53:32 -08:00
Teddy Reed
47d5a795a9 Merge pull request #613 from theopolis/qc_tests
QueryContext unit tests and splay/config updates
2015-01-13 14:28:25 -08:00
Teddy Reed
b6e72c2f01 Merge pull request #615 from theopolis/centos_makeinfo
Add texinfo to CentOS provision
2015-01-13 14:19:35 -08:00
Teddy Reed
ac0f2f96e4 Split OSX process_open_files into files/sockets 2015-01-13 11:05:54 -08:00
Teddy Reed
f0eec6fbe3 Adding listening_ports to Linux 2015-01-13 09:51:40 -08:00
Teddy Reed
bb6f313c6c Moved socket_inode on Linux to process_open_files 2015-01-13 08:26:47 -08:00
maus-
112425feed Updated as per your notes
A couple of things to note

The script still makes the assumption of having a config in /etc/osquery/osquery.conf; however, it now checks to see if there is the default example config in /usr/share/osquery/osquery.example.conf and alerts the user that it's using the default.

To prevent having the pidfile being set in two different locations, it would be nice if the osqueryd application settings could be stored with the standard key=value approach. This would allow the init script to source the config at runtime. The downside, however, would be that the init script still makes the assumption that the location of osquery.conf is standardized.

I'm not really sure why the pidfile needs to go in the osquery directory anyway, considering most pidfiles for daemons like this typically exist in /var/run/$program.pid, which actually would be a nicer default as it removes the requirement of having the folder there in /var. I'd prefer to not keep osquery in /var anyway.

Same goes for the lockfile. Typically you'd never bother with this setting and you'd keep it in /var/lock/subsys/$progname
2015-01-12 16:25:38 -08:00
Teddy Reed
eaad95b181 Add texinfo to CentOS provision 2015-01-12 15:38:16 -08:00
Teddy Reed
15c3551bdd Remove gtest include from tables 2015-01-12 15:30:32 -08:00
a wizard named upfish
7686104e27 added init script 2015-01-12 14:56:47 -08:00
Teddy Reed
376a438516 Moving splay to scheduler and adding config logging 2015-01-12 12:53:05 -08:00
Teddy Reed
84ef94ce9d Testing for table query constraints 2015-01-12 12:52:29 -08:00
Javier Marcos
d2f97169d0 Merge pull request #612 from facebook/rubygems_fix_ubuntu12
Installing gems in Ubuntu 12 to avoid error
2015-01-12 11:40:43 -08:00
Javier Marcos
d9b41f81b9 Installing gems in Ubuntu 12 to avoid error 2015-01-12 11:32:48 -08:00
Teddy Reed
3b9c7a7b51 Merge pull request #609 from theopolis/events_fix
Fix shouldFire pubsub virtual
2015-01-11 20:04:52 -08:00
Teddy Reed
465db46628 Fix shouldFire pubsub virtual 2015-01-11 19:51:54 -08:00
Teddy Reed
597b5ed4be Merge pull request #606 from theopolis/linux_network
Implement interface_addresses, interface_details for Linux
2015-01-11 14:40:23 -08:00
Teddy Reed
7ea451522e Merge pull request #604 from theopolis/fix_600
[Fix #600] Additional Linux-flavor tables should be additive
2015-01-11 00:39:46 -08:00
Teddy Reed
6deeba39c9 Merged Linux/OSX interfaces implementation 2015-01-11 01:39:16 -07:00
Teddy Reed
6dfc5d88f4 Added interfaces to Linux 2015-01-11 00:42:23 -07:00
Teddy Reed
a2cc1c85ea [Fix #599] Rename kextstat->kernel_extensions 2015-01-11 00:38:03 -07:00
Teddy Reed
50165a8808 [Fix #600] Additional Linux-flavor tables should be additive 2015-01-11 00:34:41 -07:00
Teddy Reed
082f816571 Merge pull request #598 from theopolis/remove_unwind_2
Remove libunwind from glog and osquery
2015-01-10 23:23:34 -08:00
Teddy Reed
10fafa6299 Support make package 2015-01-10 23:02:32 -08:00
Teddy Reed
c7f92598ad Building glog on CentOS 6.6 2015-01-10 22:12:38 -08:00
Teddy Reed
c5cbf992ad Remove installed unwind headers 2015-01-10 20:38:31 -07:00
mike@arpaia.co
9bdd6fe7a3 removing unwind dep in CMakeLists 2015-01-10 13:03:23 -07:00