valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 02:18:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
494 Commits 2 Branches 109 Tags 25 MiB
2346fa00d5
Commit Graph

494 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Javier Marcos
1401a279a2 Fixed Mac broken build and added building capabilities for Linux 2014-10-02 16:30:29 -07:00
Javier Marcos
84a79855e7 Using clang to build all and refactoring using functions 2014-10-02 16:30:29 -07:00
Javier Marcos
7f5d1eee8c Fixes broken build in Mac OSX 2014-10-02 16:30:29 -07:00
Javier Marcos
06b35c45f0 Adding support to build in Ubuntu 12 2014-10-02 16:30:29 -07:00
Javier Marcos
692da4127b Fixed Mac broken build and added building capabilities for Linux 2014-10-02 23:25:39 +00:00
Javier Marcos
126f66bfa3 Using clang to build all and refactoring using functions 2014-10-02 22:54:55 +00:00
mike@arpaia.co
0f840d4ec4 install rocksdb from source 2014-10-02 15:24:59 -07:00
mike@arpaia.co
6d7992a6c1 installing lz4 on OS X 2014-10-02 15:11:54 -07:00
mike@arpaia.co
569545648d lz4 2014-10-02 14:51:18 -07:00
Javier Marcos
fc75d22f99 Fixes broken build in Mac OSX 2014-10-02 18:55:18 +00:00
Javier Marcos
7c1afd1558 Adding support to build in Ubuntu 12 2014-10-02 17:58:56 +00:00
mike@arpaia.co
2348460ca4 Revert "Support for Ubuntu 12, precise" 
This reverts commit ed0e051eba.
 2014-10-01 23:00:23 -07:00
Javier Marcos
ed0e051eba Support for Ubuntu 12, precise 2014-10-02 01:24:23 +00:00
mike@arpaia.co
764619c849 Adding a function to read tomcat configs from disk 2014-09-30 19:59:52 -07:00
mike@arpaia.co
c8fded9498 comments for tomcat 2014-09-30 19:54:44 -07:00
Mike Arpaia
3fb8c8a5d4 Merge pull request #183 from facebook/tomcat-users 
Adding a function to parse the Tomcat users XML file
 2014-09-30 19:51:54 -07:00
mike@arpaia.co
196ec880ab Adding a function to parse the Tomcat users XML file 
This is apart of a bigger, better virtual table idea that @carnal0wnage
had.
 2014-09-30 19:49:38 -07:00
Teddy Reed
bf8209ca90 Merge pull request #182 from facebook/events_docs 
[events] Added remaining doxy comments
 2014-09-30 15:00:08 -07:00
Teddy Reed
ef044c4a72 [events] Added remaining doxy comments 2014-09-30 12:50:14 -07:00
Teddy Reed
5201fd8509 Merge pull request #181 from facebook/less_shared_ptrs2 
EventFactory, Dispatcher as singletons
 2014-09-29 21:44:06 -07:00
Teddy Reed
6eb9c5fd44 EventFactory, Dispatcher as singletons 2014-09-29 20:47:24 -07:00
Abe Stanway
5b3152230f Remove old generated table dir from gitignore 2014-09-27 19:15:27 +00:00
Teddy Reed
588f1198f3 Merge pull request #174 from facebook/passwd_changes_vtable 
[events] Events lifecycle complete, passwd_changes vtable
 2014-09-26 21:13:52 -07:00
Teddy Reed
ed338e8356 [events] Events lifecycle complete, passwd_changes vtable 2014-09-26 12:58:32 -07:00
Mike Arpaia
8e651f1140 Merge pull request #178 from facebook/sql-class 
SQL class for executing queries
 2014-09-26 00:40:43 -07:00
mike@arpaia.co
0c783ebf0a Migrating internal usage of osquery::query to osquery::SQL 2014-09-26 00:34:56 -07:00
mike@arpaia.co
7076aa813c SQL class for executing queries 
implements #141
 2014-09-26 00:28:18 -07:00
Mike Arpaia
2aafb3c843 Merge pull request #177 from facebook/shell_output 
Pretty shell results
 2014-09-25 21:41:39 -07:00
mike@arpaia.co
636ced854f Pretty shell results 
Example:

```
osquery> select name, program || program_arguments as executable from launchd limit 5;

+----------------------------------+-------------------------------------------------------------------------------+
| name                             | executable                                                                    |
+----------------------------------+-------------------------------------------------------------------------------+
| bootps.plist                     | /usr/libexec/bootpd                                                           |
| com.apple.afpfs_afpLoad.plist    | /System/Library/Filesystems/AppleShare/afpLoad                                |
| com.apple.afpfs_checkafp.plist   | /System/Library/Filesystems/AppleShare/check_afp.app/Contents/MacOS/check_afp |
| com.apple.AirPlayXPCHelper.plist | /usr/libexec/AirPlayXPCHelper                                                 |
| com.apple.airport.wps.plist      | /usr/libexec/wps                                                              |
+----------------------------------+-------------------------------------------------------------------------------+
osquery> .tables
  => alf
  => alf_exceptions
  => alf_explicit_auths
  => alf_services
  => apps
  => ca_certs
  => etc_hosts
  => interface_addresses
  => interface_details
  => kextstat
  => last
  => launchd
  => listening_ports
  => nvram
  => osx_version
  => processes
  => routes
  => time
```
 2014-09-25 21:39:07 -07:00
mike@arpaia.co
82bf365c5f Add space in error message 
[skip ci]
 2014-09-25 12:25:49 -07:00
Abe Stanway
663e6756d7 Add libboost_regex.a 2014-09-25 19:18:47 +00:00
Mike Arpaia
a0b3839d9f Merge pull request #173 from facebook/130 
Adding permissions check around setting default log directory #130
 2014-09-25 10:31:07 -07:00
mike@arpaia.co
0387fde8b8 Adding permissions check around setting default log directory #130 2014-09-25 10:26:39 -07:00
Mike Arpaia
4411969959 Merge pull request #172 from facebook/ci-script 
central build script
 2014-09-25 02:18:47 -07:00
mike@arpaia.co
4cd40c7f19 central build script 2014-09-25 02:00:16 -07:00
Mike Arpaia
2f8a8a3e08 Merge pull request #171 from facebook/perm_updates 
Adding some perm updates
 2014-09-25 00:44:14 -07:00
mike@arpaia.co
70eff22898 Adding some perm updates 2014-09-25 00:27:07 -07:00
Mike Arpaia
2c14b44fb4 Update README.md 2014-09-24 21:50:48 -07:00
Mike Arpaia
5bdd64ee97 Update README.md 2014-09-24 21:49:23 -07:00
Mike Arpaia
7475f9e728 Update README.md 2014-09-24 18:10:33 -07:00
Mike Arpaia
e1fa406096 Merge pull request #165 from facebook/travis 
travis
 2014-09-24 18:06:32 -07:00
mike@arpaia.co
135dd0dbe4 TravisCI configuration 2014-09-24 18:05:33 -07:00
Teddy Reed
86cad38784 Merge pull request #166 from facebook/events_updates 
Events updates
 2014-09-24 14:01:00 -07:00
Teddy Reed
8aaecefec0 Merge branch 'master' of github.com:facebook/osquery into events_updates 2014-09-24 13:55:42 -07:00
Teddy Reed
9220da7e3d [events] Registry integration 2014-09-24 12:43:14 -07:00
mike@arpaia.co
5f4108c503 Moving all boost smart pointers to std smart pointers 2014-09-24 10:54:59 -07:00
Teddy Reed
9a2d299424 [events] Events and registry coordination 2014-09-24 10:46:37 -07:00
mike@arpaia.co
d7546de036 Relocatable build 
Making it such that osquery doesn't need to be built in the repo "build"
subdirectory. gentable.py now accepts a positional argument which
indicates the output (which is calculated by cmake) so they don't have
to agree on a destination ahead of time.
 2014-09-24 01:58:12 -07:00
mike@arpaia.co
3753189e4a improving the makefile output 2014-09-24 01:28:34 -07:00
mike@arpaia.co
beeb6d827f moving make format to cmake 2014-09-23 23:38:23 -07:00