valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 09:58:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,024 Commits 2 Branches 109 Tags 25 MiB
210af254b1
Commit Graph

965 Commits

Author SHA1 Message Date
Teddy Reed
ae19b7797d Allow EINTR within ThriftTransport (#2879) 2016-12-16 18:12:02 -08:00
Nick Anderson
b6b4ced56c Fixing python installation path in Chocolatey (#2857) 2016-12-09 17:18:44 -08:00
Teddy Reed
dcbb32f442 Allow autoload paths to include directories (#2855) 2016-12-08 18:24:01 -08:00
lambda-conjecture
6e1af3954e Add --enroll_always flag for TLS config plugin (#2827) 2016-12-06 21:56:56 -08:00
Teddy Reed
3f5c02cc14 Update bottles: gflags, glog, libmagic, libaptpkg, rocksdb, zzuf (#2848) 2016-12-06 21:53:21 -08:00
Nick Anderson
601ace89fa Adding helpers to add/remove to/from Windows PATH (#2831) 2016-12-05 16:55:49 -08:00
Nick Anderson
5be8958aa9 Explicitly set chocolatey source (#2828) 2016-12-02 12:20:52 -08:00
Teddy Reed
31ebb06a4d deps: rocksdb version 4.11.2 on POSIX (#2821) 2016-12-02 10:43:00 -08:00
Nick Anderson
4d847d2024 Bumping rocksdb on Windows to 4.11.2 (#2820) 2016-12-01 21:48:47 -08:00
Teddy Reed
a2dd2fdc3d [#2816] Break make deps into sysprep and deps (#2817) 2016-12-01 10:20:30 -08:00
Teddy Reed
1b21e5173e [Fix #2798] Update gflags on OS X/Linux to 2.2.0 (#2800) 2016-11-30 15:59:18 -08:00
Nick Anderson
29e115f138 Bumping gflags and openssl on Windows (#2811) 2016-11-30 15:48:50 -08:00
Daniel Popescu
d7d1c6b716 Lucid package build fixes (#2797) 2016-11-28 21:09:14 -08:00
Teddy Reed
ac8c0871a6 Fix deterministic and package build tests (#2795) 2016-11-23 18:55:48 -08:00
trizt
1cf5ef5a8a Add Gentoo as a build environment and portage tables (#2638) 2016-11-22 14:55:30 -08:00
Teddy Reed
7f1dbd604e Remove readline from Linux provision (#2786) 2016-11-20 11:36:19 -08:00
Teddy Reed
d402a6ad45 Allow configuration JSON to include escaped newlines (#2785) 2016-11-19 15:01:40 -08:00
Teddy Reed
3c22ed3b3c Allow tools/build.sh to SKIP_TESTS (#2784) 2016-11-19 13:41:51 -08:00
Teddy Reed
2bc72cd69b packages: Touch LaunchDaemon flagfile on OS X when autostarting (#2781) 2016-11-19 12:13:31 -08:00
Teddy Reed
f758d0477f Add RUN_DETERMINISTIC test to build.sh (#2782) 2016-11-19 02:44:23 -08:00
Teddy Reed
dfad06e21b package: Only attempt OS X RPM with rpmbuild (#2776) 2016-11-17 23:45:13 -08:00
Teddy Reed
607edce31d Restore the /maxcpucount switch for MSBuild (#2769) 2016-11-16 20:46:24 -08:00
Teddy Reed
fd5e9f5577 Attempt to build all packages on every Linux build (#2765) 2016-11-15 19:43:53 -08:00
Teddy Reed
d3db14337e deps: Linux: apt-pkg 1.3.1 (#2761) 2016-11-15 01:19:08 -08:00
Teddy Reed
af98a9d065 deps: Only fallback to clang on Linux (#2758) 2016-11-14 18:02:02 -08:00
Teddy Reed
cdf9741aaa deps: Bottle updates for OS X: augeas, libxml2 (#2756) 2016-11-14 15:17:46 -08:00
Teddy Reed
e2255dbb03 deps: Bottle updates for Linux: augeas, libmagic, libxml2, zzuf, zlib-legacy (#2755) 2016-11-14 14:52:11 -08:00
Nick Anderson
b61124e2b3 Removing powershell linter installation for build hosts (#2753) 2016-11-14 12:54:33 -08:00
Teddy Reed
7a60376cf0 deps: windows: Skip clang-format on build hosts (#2752) 2016-11-14 12:10:08 -08:00
Teddy Reed
2a5324bc26 build: Install VS build tools only on build hosts (#2746) 2016-11-13 20:29:40 -08:00
Teddy Reed
a2f7790ca6 Various fixes and updates to the wiki (#2740) 2016-11-11 22:13:51 -08:00
Omer Katz
5b7655b96f Add augeas table and libxml2 dependency (#2181) 2016-11-11 08:00:59 -08:00
Teddy Reed
a85ff84b31 Update dependency build flows on Linux and OS X (#2730) 2016-11-10 08:14:26 -08:00
Teddy Reed
2c5fc5b699 Update cmake openssl curl python linenoise-ng bottles (#2728) 2016-11-06 20:26:39 -08:00
Teddy Reed
e5a8bba87f [Fix #2726] Update OpenSSL to 1.0.2j: cmake python curl (#2727) 2016-11-06 19:41:10 -08:00
Teddy Reed
0330917294 packages: Add darwin to OS X RPM iteration (#2721) 2016-11-03 23:47:07 -07:00
Teddy Reed
a8a8e26393 [Fix #2697] Create RPMs on OS X (#2718) 2016-11-03 15:12:04 -07:00
Teddy Reed
a3acf2a3e5 Fix Config TLS plugin default verb (#2708) 2016-11-02 17:08:44 -07:00
Nick Anderson
0ef97d1acc [Fix #2466] Reduced verbosity and added Pending Reboot Check (#2669) 2016-11-02 10:46:45 -07:00
Teddy Reed
3495b3cafe Remove /maxcpucount from Windows build script (#2699) 2016-10-31 19:21:57 -07:00
Teddy Reed
26c796f340 [Fix #2678] Run postinstall for OpenSSL to install certs.pem (#2679) 2016-10-24 17:12:37 -07:00
Teddy Reed
71887f3ae0 Refactor test/ctest and suppressions (#2676) 2016-10-24 02:31:22 -07:00
Teddy Reed
bbf2cf7726 Silence several git messages when running make deps (#2668) 2016-10-22 00:56:18 -07:00
Nick Anderson
87c9a6ae24 Adding cppcheck analysis script (#2661) 2016-10-21 14:27:10 -07:00
Teddy Reed
793584e803 Use underscores for long RPM package versions (#2655) 2016-10-20 09:25:10 -07:00
Teddy Reed
60bbf129af Update OS X build and add Sierra hashes (#2650) 2016-10-19 15:25:31 -07:00
Nick Anderson
81d2794b26 platformGetUid returns 0 for Administrator user (#2643) 2016-10-19 10:25:32 -07:00
Teddy Reed
faea0ccf9c [Fix #2626] deps: Add no-avx to linenoise-ng build (#2628) 2016-10-14 16:09:16 -07:00
Teddy Reed
9a0c5c4556 deps: Use linenoise-ng for all platforms (#2613) 2016-10-11 22:16:21 -07:00
Teddy Reed
1694a87e7b deps: Bump xz revision and bottle hash on Linux (#2614) 2016-10-11 09:49:52 -07:00
Rogelio Domínguez Hernández
a07c3cce59 RPM packages now follow the form name-version-rev.platform.arch.rpm (#2561) 2016-10-10 18:33:48 -07:00
Teddy Reed
37bacc3a7f [Fix #2549] Windows: use all CPUs with minimal verbosity (#2588) 2016-10-02 19:31:12 -07:00
Tony
6f1031a155 Remove package gcc from arch linux provisioner (#2577) 2016-09-30 15:59:57 -07:00
Michele Adduci
65f41d3afe added ctest after build (#2558) 2016-09-29 10:47:45 -07:00
Teddy Reed
68e68b1d6a deps: Add yara 3.5.0 and sleuthkit 4.3.0 bottles (#2565) 2016-09-28 17:39:33 -07:00
Nick Anderson
71bd3b6416 Adding gates to non-implemented windows tests (#2563) 2016-09-28 17:15:24 -07:00
Lennart Espe
ae4a09ac0f Update yara to version 3.5.0 (#2546) (#2552) 2016-09-28 14:16:39 -07:00
Fedor Sumkin
165e19e394 Fix for directories with spaces in path (#2555) 2016-09-28 12:01:58 -07:00
Daniel Bayerlein
80de6e3d3b Update sleuthkit to v4.3.0 (#2545) (#2557) 2016-09-28 12:00:07 -07:00
Teddy Reed
f21f931d40 Add option for status-only secondary logger plugins (#2534) 2016-09-27 03:33:58 -07:00
Teddy Reed
53b32b2aa0 deps: Update OS X asio, openssl, thrift (#2519) 2016-09-23 19:49:41 -07:00
Teddy Reed
2a7824e583 deps: Add ccache to provision (#2518) 2016-09-23 18:01:15 -07:00
Teddy Reed
bc09fee04d deps: cppcheck and zzuf (#2516) 2016-09-23 13:25:16 -07:00
Teddy Reed
dabf025bd6 Update bottles: asio, libgpg-error, openssl, thrift, zlib (#2511) 2016-09-23 08:22:14 -07:00
Teddy Reed
92a68b514e Add PYTHONPATH to brew environment for Python postinstall (#2502) 2016-09-21 18:04:22 -07:00
Teddy Reed
1a43d4e4c3 Reorganize analysis tools/artifacts into analysis (#2497) 2016-09-21 15:15:25 -07:00
Teddy Reed
36cf429b0e Prefer the osquery dependencies root for Python tests (#2496) 2016-09-21 13:36:07 -07:00
Teddy Reed
a6589c49e3 [Fix #2482] Use atomic member in Dispatcher tests (#2494) 2016-09-21 10:52:52 -07:00
Teddy Reed
94df7cb691 Build OpenSSL with no-asm to remove AVX2 dependency (#2493) 
To support machines without AVX2 features we need to avoid compiling
and linking the dependent instructions found the ASM implementations
of some OpenSSL crypto algorithms.

Additionally, we are removing the SSL3 methods from our OpenSSL build.
The osquery TLS plugins explicitly define a cipher list that excludes
SSL3, but as an extra measure (for plugins not using our transports)
we remove it from ASIO and Thrift too.
 2016-09-21 10:37:07 -07:00
Teddy Reed
f87e9df38f [#2491] Add Homebrew contributors license (#2492) 2016-09-21 09:16:06 -07:00
Nick Anderson
2abdd120a7 Small fixes to PSScriptAnalyzer install verbosity (#2489) 2016-09-20 17:45:43 -07:00
Alex
575685d3c7 Add support for pre-uninstall scripts at package creation (#2480) 2016-09-20 16:39:40 -07:00
Ryan Holeman
9d9e32badc Changed the naming convention of the tls server file to match osx (#2485) 2016-09-20 16:35:36 -07:00
yying
a7af70d021 Adding remote config/logging capabilities to Windows build (#2469) 2016-09-20 14:18:58 -07:00
Nick Anderson
c7687df3ee Adding version checking to provisioning script (#2478) 2016-09-20 11:29:29 -07:00
Nick Anderson
99795033b2 Fixing powershell linting warnings (#2470) 2016-09-19 13:46:49 -07:00
Teddy Reed
c9880cad17 Refactor legacy runtime (#2473) 2016-09-16 11:29:43 -07:00
Teddy Reed
366b5f08ca Limit Linux package dependencies (#2463) 2016-09-14 10:31:21 -07:00
Teddy Reed
df1e3b9481 Add make fuzz (#2458) 2016-09-13 20:37:31 -07:00
Teddy Reed
ad3349ff92 Update RPM packages with bottle hashes (#2459) 2016-09-13 10:10:05 -07:00
Teddy Reed
c7ee4f9ca4 Add librpm build and RPM tables (#2456) 2016-09-12 22:43:36 -07:00
Mitchell Grenier
072a93ccac Accelerated checkins (#2454) 2016-09-12 16:53:42 -07:00
yying
a27d6567e4 Core and Additional Tests (#2441) 2016-09-12 09:46:52 -07:00
Teddy Reed
1a5f36c715 deps: CMake 3.6.1 (#2440) 2016-09-07 16:30:15 -07:00
Ryan Holeman
6f919429ff added env flag to create *nix packages with a tls server certs file (#2442) 2016-09-07 13:16:59 -07:00
Nick Anderson
7b8bd9657d Adding clang-format to provisioning (#2437) 2016-09-06 16:42:20 -07:00
Philip J Beyer
4f6c802c7b Corrects Linux package script reference (#2415) 
Corrects reference to example config in Linux package script.
 2016-09-06 16:41:04 -07:00
Teddy Reed
111dadf8a0 Upgrade LLVM to 3.8.1 on Linux (#2436) 2016-09-02 07:59:10 -07:00
yying
d347c847e1 Support for extensions (#2363) 2016-08-31 16:45:06 -07:00
Teddy Reed
65dd56e113 Introduce table 'attributes' (#2431) 2016-08-31 15:32:20 -07:00
Nick Anderson
bcb5edc464 Refactoring Win provisioning to prevent duplicate installations (#2411) 2016-08-28 23:00:26 -07:00
artemdinaburg
7915b579ee Load VS variables for amd64 native build prior to launching cmake (#2408) 2016-08-26 11:42:18 +01:00
Teddy Reed
69dc5d3210 [skip ci] Update RocksDB bottle hashes 4.9 (#2409) 2016-08-25 17:43:38 +01:00
Omer Katz
15dd15ee38 Bump rocksdb to 4.9 (#2404) 2016-08-24 17:02:51 +01:00
Teddy Reed
84e65d1141 Remove various provision files (#2406) 2016-08-24 13:40:35 +01:00
yying
2f1cad864d Support for building static osquery executable (#2398) 2016-08-22 23:27:12 +01:00
Nick Anderson
fe7b8d98f9 Adding getSystemRoot function (#2386) 
Adding a cross platform function for getting the OS root
and returning it as a boost::fs::path
 2016-08-18 09:32:34 -07:00
Teddy Reed
e969b92a2e Fix code auditing job and disable Homebrew auto-update (#2392) 2016-08-17 16:00:30 -07:00
Teddy Reed
407286b93b deps: Install UUID headers before AWS SDK (#2380) 2016-08-16 19:12:55 -07:00
Teddy Reed
0161edf15d Update bottles for AWS-SDK-CPP 0.14.4 (#2375) 2016-08-16 08:37:11 -07:00
Teddy Reed
d8a3b26f65 Display diff when audit fails due to clang-format changes (#2374) 2016-08-15 22:12:55 -07:00
Teddy Reed
a2540a2614 Update to AWS-SDK-CPP version 0.14.x (#2371) 2016-08-15 21:30:39 -07:00
Teddy Reed
86363bc60a Add AWS-SDK-CPP r1 hashes (#2370) 2016-08-15 17:56:48 -07:00
Ryan Holeman
a217035d12 Add AWS STS assume role authentication capability 2016-08-15 16:07:51 -07:00
Teddy Reed
b551b037ef Always update the local tap symlink for make deps (#2368) 2016-08-15 16:07:39 -07:00
Teddy Reed
a2017f68f1 Add clang-format rules from 3.6 (#2360) 2016-08-15 01:33:17 -07:00
Teddy Reed
89e18547aa Ignore errors within testing for rmtree (#2355) 2016-08-13 22:06:42 -07:00
Teddy Reed
9ee90f4f2d [Fix #2274] Relax return code checks for osqueryd tests (#2353) 2016-08-12 18:02:28 -07:00
yying
381e86a931 Changes to support new boost-msvc14 package (#2352) 2016-08-12 17:08:08 -07:00
artemdinaburg
6e3f4b8e13 Copy required DLLs into the build directory (#2339) 2016-08-10 16:48:33 -07:00
artemdinaburg
de71df922b Check return code from the provision script and error if it errored (#2340) 2016-08-10 16:36:51 -07:00
Teddy Reed
48e3bc033c Always ignore brew dependencies within make deps (#2337) 2016-08-09 22:03:45 -07:00
Teddy Reed
f3f605e26a Introduce a PLATFORM_MASK and isPlatform (#2334) 
Along with the platform defines and platform string defines provided by
CMake to the build, add a PLATFORM_MASK define.

Use this define as a platform-type mask with the PlatformType enum.
 2016-08-09 20:27:42 -07:00
texereda
2e67c6b717 [Fix #2262] Create flagfile on OS X within osqueryctl (#2317) 2016-08-09 10:27:03 -07:00
Teddy Reed
e1ad335987 Enforce config-check for start command (#2332) 2016-08-09 09:12:17 -07:00
Nick Anderson
ec57595620 Fixed typo in debian provision script (#2320) 2016-08-04 18:37:49 -07:00
Zohaib Sharani
85ed298fb9 Added build support for ManjaroLinux (#2298) 2016-08-03 12:57:09 -07:00
Teddy Reed
8d3fdf371a Fix dependency building for bottle cache misses (#2316) 
When a make deps dependency encounters a cache miss, the from-source build
is triggered. This must mimic the from-source CLI arguments to brew.

This commit also improves the aws-sdk-cpp formula.
 2016-08-02 16:55:02 -07:00
Teddy Reed
46ae4a6e7a Use a force remove for non-UTF8 files in glibc (#2315) 2016-08-02 01:45:41 -07:00
Tony
487051614f Rename main function, remove ruby-irb (#2314) 2016-08-01 18:47:01 -07:00
Zohaib Sharani
08e5bfbf29 Rename the function main_arch() to distro_main() (#2313) 2016-08-01 18:45:54 -07:00
Teddy Reed
9a26e75ea3 Bump LLVM to revision 1 and build with clang-rt (#2310) 2016-08-01 00:05:59 -07:00
Teddy Reed
e4dd78ec10 Build documentation for brew-based build (#2305) 2016-07-31 17:10:13 -07:00
Teddy Reed
7c1ecc6871 Brew-based build redesign (#2251) 2016-07-31 11:32:31 -07:00
yying
4f5f3f0795 Test for Windows osquery daemon (#2300) 2016-07-29 12:06:13 -07:00
Nick Anderson
5463a7d15c Adding CLI compile script for windows (#2295) 2016-07-25 21:51:37 -07:00
yying
2fb3797c53 Changes to support building a osquery Windows service. (#2278) 2016-07-22 13:29:37 -07:00
Nick Anderson
673f39e86f fixed provision script path in make-win64-dev-env (#2271) 2016-07-21 11:15:49 -07:00
Teddy Reed
172363d3f5 Fix debug-kernel build and deploy dependencies (#2266) 2016-07-20 17:21:20 -07:00
amironenko
575314bf61 Ubuntu + Debian build fixes (#2247) (#2248) 2016-07-20 17:02:40 -07:00
Nick Anderson
00935e28cc Moved windows provisioning script (#2257) 2016-07-19 16:47:51 -07:00
Tony
c1d004ed1f Better fault-tolerant defaults for systemd service (#2255) 2016-07-17 18:56:00 -07:00
DaanDeMeyer
0544b50530 Cleaned up arch provisioning (#2239) 2016-07-12 11:51:35 -07:00
Tony
aa714d4c77 Add ability to provision Arch Linux (#2215) 2016-07-06 15:02:58 -07:00
Omer Katz
2eb4a75884 Bump AWS SDK to 0.12.17 (#2214) 2016-07-05 20:26:24 -07:00
Teddy Reed
24f757850e Add link_whole to generated TARGETS file (#2219) 2016-07-05 17:58:06 -07:00
Teddy Reed
3b2c489374 Use libuuid from e2fsprogs for codegen TARGETS (#2213) 2016-07-01 11:36:42 -07:00
Teddy Reed
753c023640 Fix milli/micro conversion when waiting for active plugins (#2205) 2016-06-30 13:31:32 -07:00
Teddy Reed
3422a44d83 Run profile on all POSIX tables (#2202) 2016-06-30 11:58:55 -07:00
artemdinaburg
b7aad5a2c3 Install new requires packages and link to them in CMake (#2183) 2016-06-24 08:47:48 -07:00
artemdinaburg
d4a3fe2452 Windows Daemon/Shell: Initial support for Windows tables (#2182) 
Preparation for Windows Tables. We need a Windows process table so that the daemon will run
 2016-06-23 16:04:11 -07:00
Teddy Reed
9a4b6ba1a8 [Fix #2161] Remove space and quotes from launch daemon (#2174) 2016-06-19 23:25:09 -07:00
Gary
498f64437a Copy service unit configuration to Ubuntu Xenial default location (#2163) 2016-06-15 13:21:33 -07:00
Gary
5eee608f62 Fixed bash griefing over postifx-compatible conditional compounds (#2159) 2016-06-10 16:37:56 -07:00
Nick Anderson
cf30388705 Moved test_utils to it's own directory out of core. Updated references (#2154) 2016-06-09 10:49:26 -07:00
Teddy Reed
866ff13fc3 Fix OS X kernel extension autoload (#2151) 2016-06-08 11:14:36 -07:00
Teddy Reed
63db493e4f Update AWS-SDK build to 0.12.5 (#2148) 2016-06-07 19:04:22 -07:00
Ryan Holeman
5dd2a54f39 Ability to add default configs and postinstall scripts to deb/rpm packages (#2142) 2016-06-07 15:09:08 -07:00
Nick Anderson
5d072cd080 Added except for lsb_release not existing on system (#2143) 
Added an exception case for OSError when the lsb_release command isn't found on hosts.
 2016-06-07 12:52:51 -07:00
Zachary Wasserman
0ec094c27c Update version for AWS SDK 0.12.4 (#2139) 2016-06-06 16:43:01 -07:00
Teddy Reed
763f4e9437 Use SQLite 3.14.0 to support LIKE and EQUALS (#2137) 
This commit bumps the third-party SQLite to the 3.14.0 pre-release (18:59).
With 3.14.0 the LIKE and EQUALS constraint operators may be mixed within a
query. Previously these would fail to produce a valid set.

As part of the support, each virtual table should choose to bypass rowid-based
deduplication using the new "WITHOUT ROWID" create table epilog. This will
be appended to the schema if the table defines a PRIMARY KEY using index=True.
 2016-06-06 09:36:53 -07:00
Teddy Reed
597c7d5c02 Add systemd service to Xenial (#2134) 2016-06-03 09:09:09 -07:00
Teddy Reed
af1a8d8ad6 Check for none in linked_keg (#2133) 2016-06-02 16:10:26 -07:00
Teddy Reed
4704ccd6c9 Use local AWS-SDK formula for OS X (#2132) 
Thus begins our need to include local (modified) brew formulas.
This commit adds a new provision library method: local_brew. Use this function
within provision scripts to install packages that are not appropriate for
homebrew-core.
 2016-06-02 14:58:43 -07:00
Justin Gerace
d27930b4ea Fix Scientific Linux build process (#2130) 2016-06-01 16:59:55 -07:00
Nick Anderson
3422100578 Updated the get_platform.py script to be Python 3 compatible (#2122) 
Added in future imports to make the script forwards compatible and updated print functions.
 2016-05-31 09:10:53 -07:00
Teddy Reed
a9ed73c68d Add removeService to Dispatcher API (#2116) 
With a removeService method, combined with the abstracted thread start in
the Dispatcher API, services auto-remove when finished.

This will un-break the kernel communication tests. These tests only stop
when all their producer threads/services have ended.

This also promotes the OS X kernel build to 10.11.
 2016-05-27 11:17:06 -07:00
Sharvil Shah
8b0e6e138f Fix benchmark target and bump version of google-benchmark to 1.0.0 (#2065) 2016-05-19 11:56:54 -07:00
Teddy Reed
c4acfe89e5 Introduce table aliases (#2104) 2016-05-19 09:40:43 -07:00
Teddy Reed
df7003e708 Use ruby/gem ABI version 1.9.1 on 12.04 (#2106) 2016-05-18 22:21:06 -07:00
Teddy Reed
869993b543 Fix Ubuntu 15.04 build (#2105) 2016-05-18 20:48:26 -07:00
Teddy Reed
b28c4d8d0f Introduce table options (#2101) 
Table options includes a change to the Registry::call API for TablePlugins.
When requesting route information or the 'columns' action, a new 'op' key is included.
 2016-05-18 12:23:52 -07:00
yying
26ad131c38 Building osquery unit tests on Windows 10 (#2100) 
Integrated process abstraction code into more locations
Defined new macros for abstracting across various platforms
Added GLOG_NO_ABBREVIATED_SEVERITIES for glog to support Windows
Fixed some minor CMake issues involving thrift
Updated gflags package; reflecting change in provision script
Preparing CMake config files for WIN32 support
 2016-05-17 12:39:11 -07:00
Teddy Reed
314e3467bc Check for systemd service in osqueryctl (#2090) 2016-05-13 19:48:22 -07:00
Teddy Reed
e61116f5db Add Ubuntu Xenial 16.04 build support (#2089) 
The current Ubuntu-provided Xenial does not mount a shared folder.
 2016-05-12 08:47:05 -07:00
Christian McHugh
1f4d4f6965 - Install CMake on all Debian versions- Only install Ruby 1.8's development package on Wheeze 
- Install CMake on all Debian versions
- Only install Ruby 1.8's development package on Wheezy
 2016-05-12 08:45:33 -07:00
Teddy Reed
d49c401324 Add decorators to example config (#2082) 2016-05-10 10:07:25 -07:00
Teddy Reed
947799d28e Introduce within-query caching (#2077) 
This adds a new optimization feature that allows expensive tables to cache
their results between JOINs. Consider JOINing a list of open sockets, for each
process, then requesting to hash each process path. This query may hash
the same path multiple times.

Within-query caching allows the hash table to respond with the previous
result of the hash request as long as the requested computation was the result
of a single query. Subsequent queries will perform subsequent hashing.
 2016-05-09 10:32:33 -07:00
Zachary Wasserman
9fd807df54 Add --build-bottle argument to AWS SDK install (#2066) 2016-05-03 14:25:29 -07:00
Zachary Wasserman
262833c86a Add AWS Kinesis and Firehose logger plugins (#2045) 
This commit adds logger plugin implementations for the Amazon
Kinesis (https://aws.amazon.com/kinesis/) and Kinesis
Firehose (https://aws.amazon.com/kinesis/firehose/) services. To support
these plugins there are a number of utility classes and functions for
AWS authentication, configuration and API integration. The logger plugin
implementations take advantage of the BufferedLogForwarder base class
for reliable buffering and batch sending of logs. In their current
implementations, the logger plugins only support sending of result logs
to these AWS services.
 2016-04-25 16:19:51 -07:00
Zachary Wasserman
31748d249b Add AWS C++ SDK to provision scripts (#2046) 2016-04-25 09:01:29 -07:00
Teddy Reed
87f7b32d0a Fix make_package build for OS X/Linux (#2049) 
There seems to have been a regression in package building.
The ./tools/lib.sh script now overloads the SCRIPT_DIR variable,
which is also used in the package build scripts.

This changes the file-local variable in ./tools/lib.sh.
 2016-04-22 11:15:26 -07:00
yying
18013da24b Initial support for building on Windows (#2015) 
* Committing changes related to our experimentation with a "pure" Win64 build

* Placates CMake such that a Visual Studio 14 x64 solution is generated!

* Updated changes to fix the issue of GFlags not being found.

* Added cases to handle Win64 specific CMake options such as include/link
directories and compiler options

* Comment change in CMakeList.txt

* Changed wording of get_platform error message. Adding Powershell
provisioning script.

* Finalized provision powershell script

* Added a deployment XML file for insuring C++ support exists for VS2015

* Added admin check and resolved some potential PATH issues.

* Fixed some potential bugs in VS2015 automated install

* Adding a wrapper for provision.ps1 so people don't need to know obscure
powershell syntax

* Fixing a bug with third-party archive extraction

* Ignoring the updating of pip for now...

* Fix invocation of choco.exe

* Resolved pip install issues

* Removed some debugging residue

* Changing get_platform.py from tabs to spaces

* Added distro detection for ubuntu and darwin

* Using 4 spaces

* Added a newline after powershell invocation

* Added OS detection for freebsd and fedora

* Fixed bug with freebsd

* Adding arguments parsing to prepare for modularizing platform detection

* Removing bash platform detection logic and forwarding the task to
get_platform.py

* Removing get_platform support in provision.sh since it doesn't appear to
be used anywhere now

* Fixed some comment/spacing issues. Made a few efficiency changes

* A few bug fixes, revereted back to WIN32 variable for now

* Added Facebook copyright information.

* Fixed boost and rocksdb library paths

* Added support for installing our custom chocolatey packages

* Fixed path to ignore the symlink

* Force environment variable propagation

* Forgot to add new line after make-win64-dev-env.bat

* Added error handling for choco install failures

* Handles download and python/pip errors

* When chocolatey is not detected, refreshenv.bat is not found in the PATH.
Hardcode the PATH as per chocolatey install instructions

* Takes care of updating git submodules in third-party\

* Fixes a bug in which Linux provisioning fails because of unset FAMILY
env var.
 2016-04-15 14:01:16 -07:00
Teddy Reed
192953bcd3 [Fix #2030] Add generate_foreign and --enable_foreign (#2034) 2016-04-11 09:33:45 -07:00
Teddy Reed
fd53f7ce6c Remove devel switch for brew's cpp-netlib package 2016-04-10 19:34:33 -07:00
Teddy Reed
97690b1b95 Merge pull request #1983 from theopolis/decorators 
Introduce decorator queries
 2016-03-30 21:04:31 -07:00
Justin Gerace
bdb17d7418 Add build support for Scientific Linux 2016-03-29 22:25:59 -07:00
himanshudas
10211d938b Merge missing package dependencies for Debian wheezy 2016-03-29 11:49:57 -07:00
Teddy Reed
fd0e520d20 Remove bashisms from CentOS7 systemd service 2016-03-29 10:12:04 -07:00
Teddy Reed
2379493721 Introduce decorator queries 2016-03-29 10:03:50 -07:00
Teddy Reed
d71fa5b46a Remove forking from systemd service 2016-03-27 15:11:20 -07:00
Matt Moran
f1bdf23d88 systemd properly supervised 2016-03-25 14:12:48 -07:00
Scott J. Roberts
9653b81833 Inconsistant Pathing 
When I added the flag file switch it was aimed at `/var/osquery`, but the package is built such that everything exists in `/private/var/osquery`. This simply makes this more consistent.
 2016-03-25 13:55:52 -04:00
Teddy Reed
27f4754e5e [Fix #1928] Reorder deps installs to build all with clang 2016-03-20 19:15:44 -07:00
Teddy Reed
0ab1a156cd Merge pull request #1882 from waywardmonkeys/patch-1 
Fix typos in example conf.
 2016-03-20 12:02:23 -07:00
Teddy Reed
15a998e54f Use the default shutdown flow within extensions 2016-03-20 01:45:49 -07:00
Teddy Reed
9f5de79af1 Fixup Debian package builds 2016-03-18 16:59:59 -07:00
Teddy Reed
c62a0f41b6 Various cleanups 2016-03-18 10:40:07 -07:00
Teddy Reed
621f1bd3a9 [Fix #1896] Gate additional and kernel tests/benchmarks 2016-03-15 23:05:37 -07:00
Teddy Reed
bb20a968d9 Merge pull request #1930 from theopolis/debug 
Build debug packages
 2016-03-15 11:12:56 -07:00
Teddy Reed
42222bd4a5 Build debug packages 2016-03-15 08:58:01 -07:00
Teddy Reed
0ba2861cf9 [Fix #1920] Detach thread before joining/clearing (terminate) 2016-03-13 12:15:18 -07:00
Teddy Reed
3de52846d0 Remove boost::thread 2016-03-11 11:50:44 -08:00
Teddy Reed
d3786c45a3 Merge pull request #1916 from theopolis/deps_updates 
Several package updates within provision code
 2016-03-10 20:26:04 -08:00
Teddy Reed
32efa9a09b Several package updates within provision code 
1. Update boost to 1.60 from 1.55 on Linux platforms
2. Add asio (1.11.0) to the deps set
3. Update snappy to 1.1.3 on Linux platforms
4. Update cpp-netlib to 0.12.0-rc1 from 0.11 on Linux platforms
 - OS X and brew also include 0.12.0-rc1 as a devel option
5. Update libapt to 1.2.6 from 0.8.6 on Ubuntu/Debian
 - This adds lzma as a dependent link
 2016-03-10 19:40:15 -08:00
readshaw
d0b16e37c4 Add option to specify and bundle TLS server cert chain file; and osqueryd is restarted in installation postinstall. 2016-03-10 10:12:34 +10:00
Teddy Reed
d8650c7630 Minor changes to support a Windows build 2016-03-08 10:47:38 -08:00
Teddy Reed
b5defa7436 Allow extensions to use the backing store 2016-03-08 08:56:03 -08:00
Teddy Reed
53c108d02e Merge pull request #1902 from theopolis/remove_glog 
Remove Glog from third-party build
 2016-03-07 14:53:32 -08:00
Teddy Reed
956ce75601 Remove Glog from third-party build 2016-03-07 12:54:00 -08:00
Teddy Reed
5f8fa32e21 [Fix #1901] Tear down TLS server runner 2016-03-07 09:38:37 -08:00
Teddy Reed
677c448dea Merge pull request #1897 from theopolis/remove_rdb 
Refactor backing storage
 2016-03-06 21:09:23 -08:00
Teddy Reed
afd17f8134 1. Reorganize RocksDB database handle into a plugin 
2. Introduce a SQLite-based database plugin
3. Refactor database usage to include local 'fast-calls'
4. Introduce an 'ephemeral' database plugin for testing (like a mock)
 2016-03-06 20:40:16 -08:00
Teddy Reed
5fbde8ec4f [Fix #1892] Build devmapper statically 2016-03-04 20:09:43 -08:00
Bruce Mitchener
2f61e18e56 Fix typos in example conf. 2016-03-01 13:07:07 +07:00
Matt Michie
b806529313 Update initd script to respect LSB values 
The LSB init syntax is different than chkconfig, this was breaking Debian installation.
 2016-02-24 13:59:10 -08:00
Teddy Reed
c314428c66 Merge pull request #1871 from theopolis/more_tests 
Add fstests and reduce SQLite scope
 2016-02-23 23:54:25 -08:00
Teddy Reed
897b2225b1 Add fstests and reduce SQLite scope 2016-02-23 17:09:02 -08:00
Teddy Reed
08a1d852a2 Add CXXFLAGS to deps build 2016-02-22 22:12:06 -08:00
Lex Neva
bcc901780f fix typo in config example 2016-02-22 11:37:29 -05:00
Teddy Reed
69e08f994e Allow build.sh target overrides 2016-02-22 00:10:48 -08:00
Teddy Reed
4d41f7e5ba [Fix #1746] Add SNI options for TLS plugins 2016-02-19 22:39:29 -08:00
Baraa Hamodi
21c2237eca [osquery] Update copyright headers to new format. 2016-02-11 11:48:58 -08:00
Teddy Reed
4031e299bb Cleanup/stabilize file_events-related APIs 2016-02-10 22:50:38 -08:00
Teddy Reed
02eb57fc47 Merge pull request #1832 from theopolis/pack_valid 
Valid bool in packs for shard/plaform/version checking
 2016-02-06 20:29:55 -08:00
Teddy Reed
cf22d4c60e Fix -A/.all contention via do_meta_command 2016-02-06 19:20:25 -08:00
Teddy Reed
a2754a01ef Valid bool in packs for shard/plaform/version checking 2016-02-06 17:54:56 -08:00
Teddy Reed
7f37304c77 Refactor dispatcher shutdown logic 2016-02-05 01:29:42 -08:00
Teddy Reed
5394fe62ec Add debug_package for OS X 2016-02-01 16:51:43 -08:00
Teddy Reed
3c09d69ef0 Remove deps and release from PR builds 2016-01-21 09:37:10 -08:00
Teddy Reed
d664c53ed0 Merge pull request #1784 from theopolis/docs_debug 
Rollup of several docs and build fixes.
 2016-01-20 15:56:53 -08:00
Teddy Reed
e4a8d74523 Fix RHEL7 systemd service 2016-01-20 14:31:02 -08:00
Teddy Reed
80a2e6f723 Merge pull request #1789 from theopolis/fix_1788 
[Fix #1788] Use an array for the 'data' key in TLS logs
 2016-01-20 12:18:21 -08:00
Teddy Reed
b9117b17a1 [Fix #1788] Use an array for the 'data' key in TLS logs 2016-01-20 11:59:14 -08:00
Scott J Roberts
1f0d5fb059 modified osqueryctl for flags based deploys 2016-01-20 13:00:49 -05:00
Teddy Reed
dfa32d9e7e Update OS X kernel building to include distro 2016-01-19 16:20:16 -08:00
Teddy Reed
e4593f86dc Update OS X package build script to use 10.11 2016-01-19 14:03:32 -08:00
Teddy Reed
1a12b41d76 Promote 10.11 to default darwin package builder 2016-01-16 15:47:26 -08:00
Teddy Reed
30b1627038 Merge pull request #1771 from theopolis/improve_tls 
Improve TLS logging memory
 2016-01-15 00:50:56 -08:00
Teddy Reed
d6e91c81e9 Improve TLS logging memory 2016-01-15 00:22:31 -08:00
Teddy Reed
ec119f852f Merge pull request #1766 from sharvilshah/wifi_plist_parsing_fix 
[Fix #1760] Fix wifi_networks for OS X 10.9
 2016-01-14 00:58:09 -08:00
Sharvil Shah
826643adf8 [Fix #1760] wifi_networks now takes into account slight differences b/w OS X 10.9 and later 2016-01-13 22:52:52 -08:00
Teddy Reed
0ff07096bd [#1641] Add CentOS 7 systemd service and sysconfig 2016-01-13 09:27:54 -08:00
Teddy Reed
18528e7750 Merge pull request #1761 from theopolis/fix_benchmarks 
Unify build script and fix EVENTS benchmarks
 2016-01-12 18:11:24 -08:00
Teddy Reed
832c3cfcce Unify build script and fix EVENTS benchmarks 2016-01-12 17:09:52 -08:00
Teddy Reed
21b3af199e Allow packs to add file_path categories 2016-01-08 17:59:19 -08:00
Teddy Reed
7c38cf17d9 Add support for make packages on Debian 2016-01-07 23:50:31 -08:00
Sharvil Shah
82995771e1 Build on Debian 7 (Wheezy) 
Install GCC 4.8.4 from source, so that we have C++11 features
and can build RocksDB

Fix #1745
 2016-01-05 16:31:20 -08:00
Teddy Reed
41b5ca545f [Fix #1736] Do not cache TLS node key within enroll plugin 2015-12-17 16:44:30 -08:00
Teddy Reed
2ec5d34291 Bump non-OS X TSK builds to 4.2.0 2015-12-14 23:43:08 -08:00
Teddy Reed
fbc8fb92dc Allow --config_dump with watcher 2015-12-14 16:19:37 -08:00
Teddy Reed
1636abeed6 Update Fedora to use dnf, RocksDB to 4.1 2015-12-14 15:24:11 -08:00
Teddy Reed
2fe800d9b8 Add ASAN blacklists for GFlags and RocksDB 2015-12-14 15:09:46 -08:00
Teddy Reed
9d394065e3 [#1636] Add simple sharding to packs and pack queries 2015-12-10 10:01:53 -08:00
Teddy Reed
b88d6816f3 Additional TSK tables 2015-12-07 08:36:22 -08:00
Teddy Reed
c020bb87b4 Merge pull request #1705 from theopolis/dump 
[#1702] Add config and database dumping to stdout
 2015-12-06 21:41:31 -08:00
pathcl
6c8cc20117 PEP8 Compliance && Python 3.X compatibility 
Signed-off-by: Teddy Reed
Merge-conflicts-by: Teddy Reed

Closes: #1586
 2015-12-06 20:57:30 -08:00
Teddy Reed
9ebd292eb6 [#1648] Support multiple loggers 2015-12-06 11:10:10 -08:00
Teddy Reed
fef53fa0d0 Add config and database dumping to stdout 2015-12-06 11:01:26 -08:00
Teddy Reed
1acba4dfa6 Merge pull request #1700 from theopolis/tsk2 
TSK integration and example tables
 2015-12-04 11:26:03 -08:00