valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 02:18:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,265 Commits 2 Branches 109 Tags 25 MiB
2048d17931
Commit Graph

3265 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Anderson
2048d17931 Fixed pidfile read error on server 2k12 (#2617) 2016-10-13 15:18:42 -07:00
Michael McGrew
21f797c811 add table for appcompat shims (#2618) 2016-10-13 13:31:05 -07:00
Mohamed El-Shahawi
a3e8bac776 Add virtual table: Windows services (#2600) 2016-10-12 09:10:05 -07:00
Nick Anderson
616d9f5953 Adding support for Windows platform_info table (#2611) 2016-10-12 09:01:32 -07:00
Teddy Reed
9a0c5c4556 deps: Use linenoise-ng for all platforms (#2613) 2016-10-11 22:16:21 -07:00
Teddy Reed
b7c5ee31b2 Return hardware UUIDs without potential trailing NULL bytes (#2616) 2016-10-11 17:55:48 -07:00
Mohamed El-Shahawi
498a040ee6 Add virtual table: Windows Kernel_info (#2610) 2016-10-11 17:46:26 -07:00
Zachary Wasserman
e78c1358bb Add LIKE support to hash virtual table (#2615) 2016-10-11 10:48:57 -07:00
Teddy Reed
665c4fb9bc [Fix #2599] Read from Linux SMI sysfs node for SMBIOS (#2612) 
This also fixes odd behavior in Linux when reading a 'regular' file
from /sys that only returns a max of a page-read in bytes.
 2016-10-11 09:55:01 -07:00
Teddy Reed
1694a87e7b deps: Bump xz revision and bottle hash on Linux (#2614) 2016-10-11 09:49:52 -07:00
Michael McGrew
fa0e15ae10 Update wmi_cli_event_consumers with correct columns (#2608) 2016-10-10 18:49:37 -07:00
Rogelio Domínguez Hernández
a07c3cce59 RPM packages now follow the form name-version-rev.platform.arch.rpm (#2561) 2016-10-10 18:33:48 -07:00
Ryan Holeman
d1240f05e5 Fix for AWS ami role auth with cpp-netlib custom redirect condition (#2596) 2016-10-09 12:11:56 -07:00
Stephen Lester
a970b0ca42 Use 'namespace' instead of '#define' for boost::filesystem (#2597) 2016-10-07 14:59:42 -07:00
Stephen Lester
0a02532b99 [Fixes #2594] windows: Implement the etc_services table (#2595) 2016-10-06 14:06:44 -07:00
Teddy Reed
0b1713423c [Fix #1690] Use INDEX options in constraint cost evaluation (#2593) 2016-10-05 15:44:21 -07:00
Teddy Reed
a7f1be1a36 Add test for processes table to verify mem/cpu units (#2589) 2016-10-05 12:08:45 -07:00
Mohamed El-Shahawi
c83afe01d6 Add virtual table: Windows etc_protocols (#2590) 2016-10-04 19:08:27 -07:00
yying
2845898b18 Efficiency improvements to processes table on Windows (#2587) 2016-10-03 12:23:46 -07:00
Mohamed El-Shahawi
c446746a3a Add virtual table os_version for windows (#2586) 2016-10-03 12:06:05 -07:00
headmin
c18b2260e8 add Zentral remote TLS server info (#2582) 2016-10-03 08:21:27 -07:00
Nick Anderson
07a2a3c292 Updating processes table to include memory (#2573) 2016-10-02 22:41:05 -07:00
Teddy Reed
37bacc3a7f [Fix #2549] Windows: use all CPUs with minimal verbosity (#2588) 2016-10-02 19:31:12 -07:00
lambda-conjecture
e33002e922 Change memory_info fields to BIGINT to handle 4G and larger sizes (#2584) 2016-10-02 18:12:35 -07:00
Zachary Wasserman
6e7c1cdf32 Fix doxygen string in core.h causing make docs to fail (#2585) 2016-10-02 16:52:44 -07:00
Nick Anderson
b69981584f Fixing COM memory leak (#2583) 2016-10-02 12:15:17 -07:00
Tony
6f1031a155 Remove package gcc from arch linux provisioner (#2577) 2016-09-30 15:59:57 -07:00
Michele Adduci
65f41d3afe added ctest after build (#2558) 2016-09-29 10:47:45 -07:00
Rogelio Domínguez Hernández
5a0fbaf3b5 Fix memory leak at osquery/devtools/shell.cpp (#2562) 2016-09-29 09:31:56 -07:00
Serey Ty
a42a57caea add osx komplex query (#2570) 
add query to detection osx komplex
 2016-09-29 07:25:26 -07:00
Teddy Reed
68e68b1d6a deps: Add yara 3.5.0 and sleuthkit 4.3.0 bottles (#2565) 2016-09-28 17:39:33 -07:00
Nick Anderson
71bd3b6416 Adding gates to non-implemented windows tests (#2563) 2016-09-28 17:15:24 -07:00
Lennart Espe
ae4a09ac0f Update yara to version 3.5.0 (#2546) (#2552) 2016-09-28 14:16:39 -07:00
Teddy Reed
b895c6a988 Reduce several INFO logs to VLOGs and increase size-INTEGERs to BIGINT (#2559) 2016-09-28 12:38:35 -07:00
Fedor Sumkin
165e19e394 Fix for directories with spaces in path (#2555) 2016-09-28 12:01:58 -07:00
Daniel Bayerlein
80de6e3d3b Update sleuthkit to v4.3.0 (#2545) (#2557) 2016-09-28 12:00:07 -07:00
Liu Xinan
101574ad51 Fix sign-compare warnings in tests (#2554) 2016-09-28 08:47:24 -07:00
Michael McGrew
b77c217a80 Rename products.cpp to programs.cpp (#2541) 2016-09-27 19:43:24 -07:00
Teddy Reed
7e9088e008 [#2542] Introduce --enable_syslog to explicit enable syslog ingestion (#2543) 2016-09-27 17:35:21 -07:00
Zachary Wasserman
666198909a Add missing host_identifier in TLS enrollment request documentation (#2538) 2016-09-27 14:41:54 -07:00
Michael McGrew
0473043c3a Rename programs table to correct file name (#2537) 2016-09-27 14:41:24 -07:00
yying
7b5365d986 Ability to parse arguments for Windows Services (#2536) 2016-09-27 14:40:44 -07:00
Teddy Reed
f21f931d40 Add option for status-only secondary logger plugins (#2534) 2016-09-27 03:33:58 -07:00
Teddy Reed
c95ca50870 [#2532] Handle potential test errors 'Address family not supported' (#2533) 2016-09-27 02:40:10 -07:00
Teddy Reed
a3477aa5dd docs: Windows 10 badge/install/flags (#2531) 2016-09-27 02:27:41 -07:00
Teddy Reed
ff2e1a182f Initialize VirtualTableContent attributes (#2530) 2016-09-26 23:52:25 -07:00
Teddy Reed
6842797bf5 Create temp directory and fail over to user home (#2529) 2016-09-26 23:44:50 -07:00
Teddy Reed
257535e5a2 Correct config-loaded meaning to be has-run-load (#2528) 2016-09-26 22:34:03 -07:00
Teddy Reed
4d1451c9b4 Add extensions SDK incompatibility checking (#2527) 2016-09-26 17:32:41 -07:00
Zachary Wasserman
9216ed8275 Make syslog rate limit configurable by flag (#2526) 2016-09-26 17:31:22 -07:00