Commit Graph

4287 Commits

| Author | SHA1 | Message | Date |
| --- | --- | --- | --- |
| Mitchell Grenier | 7c95e98551 | Fix Ryzen Core Count (#3432) | 2017-11-22 20:33:09 -08:00 |
| uptycs-nishant | 9d46d9cb5f | http_client: Fix for issue-3953 (#3958) | 2017-11-22 16:26:54 -08:00 |
| Teddy Reed | 1cedf8d573 | tables: Add basic Intel ME table returning version (#3956) | 2017-11-22 00:39:18 -08:00 |
| Mitchell Grenier | a73233263b | Renaming the key_events table to user_interaction_events and adding mouse down (#3951) | 2017-11-21 23:43:52 -08:00 |
| Chris Long | 93850b69f9 | Adding detection for new "Symantec" Proton variant (#3952) | 2017-11-21 23:27:04 -08:00 |
| Nick Anderson | 1239c8ccc5 | tables: expanding windows programs table to encompass apps without GUID (#3945) | 2017-11-20 08:21:21 -08:00 |
| Nick Anderson | 3d7f7cf037 | tables: adding type column to users table to differentiate local users (#3946) | 2017-11-20 08:21:06 -08:00 |
| Nick Anderson | cb401f9ded | tables: adding certificate store to the cert path for Windows table (#3947) | 2017-11-20 08:20:52 -08:00 |
| Teddy Reed | 3ad5267642 | [Fix #3941] Stop renaming worker and extension argv[0] (#3943) | 2017-11-20 07:24:55 -08:00 |
| Teddy Reed | 80cebc8318 | extensions: Add 5min timeouts for read and send client calls (#3847) | 2017-11-20 07:23:41 -08:00 |
| Teddy Reed | 120c0ee62e | Stop latent autoloaded extensions and apply an initial delay (#3944) | 2017-11-19 18:56:42 -08:00 |
| Teddy Reed | 16d92d1dc6 | docs: Remove quotes from flags documentation (#3937) | 2017-11-18 15:22:33 -08:00 |
| Teddy Reed | 523ad777a8 | [Fix #3931] Remove removed results correctly (#3938) | 2017-11-18 15:21:11 -08:00 |
| Chris Long | 8e10156a1f | Creating a windows-hardening pack and moving queries there (#3935) | 2017-11-18 09:20:53 -08:00 |
| Nick Anderson | ec2fc1a0c1 | deployment: allowing for extra files to be bundled (#3936) | 2017-11-17 09:23:10 -08:00 |
| Teddy Reed | 3f1a90c56b | website: Update building osquery blog article with office hours (#3933) | 2017-11-16 15:01:24 -08:00 |
| Teddy Reed | 5ad0e599fc | website: Small blog post about community efforts (#3932) | 2017-11-16 12:28:42 -08:00 |
| Nick Anderson | 582f638706 | deploy: allowing for MSI packages to upgrade previous installers (#3927) | 2017-11-16 07:50:01 -08:00 |
| Nick Anderson | e43cb5f6fb | packs: fixing malformed win attack pack (#3928) | 2017-11-15 21:46:48 -08:00 |
| Nick Anderson | f7fe7861e2 | docs: Adding details on installing osquery on Windows as a service (#3705) | 2017-11-15 13:20:22 -08:00 |
| Nick Anderson | da5106f78c | packs: updating query versions in windows attack packs (#3926) | 2017-11-14 20:48:21 -08:00 |
| isairamm | 4d4a84e370 | packs: Query to identify ccleaner malware (#3790) | 2017-11-14 20:44:39 -08:00 |
| Teddy Reed | d34d62186d | website: Add 2.10.2 release (#3925) | 2017-11-14 18:36:12 -08:00 |
| Chris Long | 6fc5916a73 | Adding queries to windows-attacks, fix version, nits (#3922) | 2017-11-14 16:29:47 -08:00 |
| Michal Sekletar | 66977bf116 | Print correct address family id for AF_UNIX sockets (#3909) | 2017-11-11 13:26:39 -08:00 |
| Mitchell Grenier | c3a2171ebc | Tighten up the event tapping code (#3917) | 2017-11-09 13:21:22 -08:00 |
| Babatunde Micheal Okutubo | 9fd2be038c | Virtual table: Iptables port feature #3621 (#3897) | 2017-11-08 18:02:44 -08:00 |
| Teddy Reed | 6aa127dcde | packages: Use source repo git describe for packages (#3914) | 2017-11-08 17:40:50 -08:00 |
| RJ Bergeron | 47a236ead4 | add post-installation script to reload systemd unit files on upgrade | 2017-11-03 21:48:14 -07:00 |
| Magicansk | 8bf2d9e592 | docs: Update process-auditing yara and debugging | 2017-11-03 21:36:02 -07:00 |
| Mitchell Grenier | beca5e68e9 | Require root permissions to start the event tapping framework (#3849) | 2017-11-01 07:31:50 -07:00 |
| Teddy Reed | 5245f7bcf3 | tables: Refactor ssl_cert into curl_certificate (#3903) | 2017-11-01 07:30:22 -07:00 |
| Teddy Reed | 8597db5f11 | tables: Move the curl table to all platforms (#3904) | 2017-10-31 23:44:46 -07:00 |
| Victor Vrantchan | ddd463419a | website: Add community links to kolide blog (#3901) | 2017-10-31 22:51:19 -07:00 |
| uptycs-nishant | bd28a4598e | Conditionally adding port along with host name as host header value (#3899) | 2017-10-31 21:00:51 -07:00 |
| Nick Anderson | 573cf5fc11 | tables: porting the ssl cert to Windows (#3894) | 2017-10-30 22:46:45 -07:00 |
| Nick Anderson | b1355c4441 | tables: Adding a Named Pipes table for Windows (#3893) | 2017-10-30 22:46:28 -07:00 |
| andy152 | 0af1a6606c | tables: Added macOS firewall applications to the alf_exceptions tables (#3884) | 2017-10-30 22:38:09 -07:00 |
| Teddy Reed | a7c2669ba3 | tidy: Improve clang-tidy (modernize) list of checks and run across codebase (#3870) | 2017-10-29 22:25:49 -07:00 |
| uptycs-nishant | efe32b45d5 | Fix for issue-3853: using higher precision arithmetic (#3892) | 2017-10-29 22:18:51 -07:00 |
| Teddy Reed | 9422a9f631 | release: Update website release to 2.10.0 (#3895) | 2017-10-28 19:16:36 -07:00 |
| Babatunde Micheal Okutubo | ff1ae545e8 | tables: SSL cert table for posix #3811 (#3839) | 2017-10-28 13:28:17 -07:00 |
| Chris Long | 5c25184c15 | packs: Adding a pack for unwanted chrome extensions (#3889) | 2017-10-26 08:34:16 -07:00 |
| Tom de Vries | fe98652348 | documentation: Fix typos (#3886) | 2017-10-26 08:25:44 -07:00 |
| Teddy Reed | e3b80ea232 | release: Do not install rpm for macOS release (#3885) | 2017-10-25 01:04:24 -07:00 |
| Alessandro Gario | 58fa4a6899 | Verbose logging when spawning services (#3689) | 2017-10-24 19:55:05 -07:00 |
| Teddy Reed | 4aa3db30ca | [Fix #3859] Lock every access to SQLiteDBInstance::db (#3883) | 2017-10-24 11:40:26 -07:00 |
| Javier Marcos | f256c3a75c | Pointing tables/schema documentation to new locations (#3878) | 2017-10-24 11:40:09 -07:00 |
| Teddy Reed | 5a5e467e96 | release: Add sign_release script (#3875) | 2017-10-24 11:39:17 -07:00 |
| Teddy Reed | 9b3d02ff2f | remote: Various refactors for the http_client (#3882) | 2017-10-24 10:08:42 -07:00 |