valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 18:33:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,295 Commits 2 Branches 109 Tags 25 MiB
3548e7ea63
Commit Graph

1295 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Teddy Reed
6bd6fce8f5 Merge pull request #614 from maus-/initscript 
Added basic init script
 2015-01-13 19:06:13 -08:00
Teddy Reed
dc292a867e Merge pull request #618 from theopolis/iokit_silence 
Treat IOKit HID failures as warnings
 2015-01-13 19:04:28 -08:00
Teddy Reed
367709429e Treat IOKit HID failures as warnings 2015-01-13 17:25:11 -08:00
maus-
93e03b5553 Rename osquery.initd to osqueryd.initd 2015-01-13 16:39:00 -08:00
maus-
d5e6d3eab8 Delete osqueryd.initd 2015-01-13 16:38:49 -08:00
maus-
d16af10d23 Cleaned up wording 2015-01-13 16:38:11 -08:00
Teddy Reed
4db7c90758 Merge pull request #608 from theopolis/linux_ports 
Moved socket_inode on Linux to process_open_files
 2015-01-13 14:54:35 -08:00
Teddy Reed
a709a34220 Merge pull request #605 from theopolis/fix_599 
[Fix #599] Rename kextstat->kernel_extensions
 2015-01-13 14:53:32 -08:00
Teddy Reed
47d5a795a9 Merge pull request #613 from theopolis/qc_tests 
QueryContext unit tests and splay/config updates
 2015-01-13 14:28:25 -08:00
Teddy Reed
b6e72c2f01 Merge pull request #615 from theopolis/centos_makeinfo 
Add texinfo to CentOS provision
 2015-01-13 14:19:35 -08:00
Teddy Reed
ac0f2f96e4 Split OSX process_open_files into files/sockets 2015-01-13 11:05:54 -08:00
Teddy Reed
f0eec6fbe3 Adding listening_ports to Linux 2015-01-13 09:51:40 -08:00
Teddy Reed
bb6f313c6c Moved socket_inode on Linux to process_open_files 2015-01-13 08:26:47 -08:00
maus-
112425feed Updated as per your notes 
A couple of things to note

The script still makes the assumption of having a config in /etc/osquery/osquery.conf however it now checks to see if there is the default example config in /usr/share/osquery/osquery.example.conf and alerts the user that it's using the default. 

To prevent having the pidfile being set in two different locations, it would be nice if the osqueryd application settings could be stored with the standard key=value approach. This would allow the init script to source the config at runtime. The downside however would that the init script still makes the assumption that the location of osquery.conf is standardized. 

I'm not really sure why the pidfile needs to go in the osquery directory anyway, considering most pidfiles for daemons like this typically exists in /var/run/$program.pid which actually would be a nicer default as it removes the requirement of having the folder there in /var. I'd prefer to not keep osquery in /var anyway. 

same goes for the lockfile. Typically you'd never bother with this setting and you'd keep it in /var/lock/subsys/$progname
 2015-01-12 16:25:38 -08:00
Teddy Reed
eaad95b181 Add texinfo to CentOS provision 2015-01-12 15:38:16 -08:00
Teddy Reed
15c3551bdd Remove gtest include from tables 2015-01-12 15:30:32 -08:00
a wizard named upfish
7686104e27 added init script 2015-01-12 14:56:47 -08:00
Teddy Reed
376a438516 Moving splay to scheduler and adding config logging 2015-01-12 12:53:05 -08:00
Teddy Reed
84ef94ce9d Testing for table query constraints 2015-01-12 12:52:29 -08:00
Javier Marcos
d2f97169d0 Merge pull request #612 from facebook/rubygems_fix_ubuntu12 
Installing gems in Ubuntu 12 to avoid error
 2015-01-12 11:40:43 -08:00
Javier Marcos
d9b41f81b9 Installing gems in Ubuntu 12 to avoid error 2015-01-12 11:32:48 -08:00
Teddy Reed
3b9c7a7b51 Merge pull request #609 from theopolis/events_fix 
Fix shouldFire pubsub virtual
 2015-01-11 20:04:52 -08:00
Teddy Reed
465db46628 Fix shouldFire pubsub virtual 2015-01-11 19:51:54 -08:00
Teddy Reed
597b5ed4be Merge pull request #606 from theopolis/linux_network 
Implement interface_addresses, interface_details for Linux
 2015-01-11 14:40:23 -08:00
Teddy Reed
7ea451522e Merge pull request #604 from theopolis/fix_600 
[Fix #600] Additional Linux-flavor tables should be additive
 2015-01-11 00:39:46 -08:00
Teddy Reed
6deeba39c9 Merged Linux/OSX interfaces implementation 2015-01-11 01:39:16 -07:00
Teddy Reed
6dfc5d88f4 Added interfaces to Linux 2015-01-11 00:42:23 -07:00
Teddy Reed
a2cc1c85ea [Fix #599] Rename kextstat->kernel_extensions 2015-01-11 00:38:03 -07:00
Teddy Reed
50165a8808 [Fix #600] Additional Linux-flavor tables should be additive 2015-01-11 00:34:41 -07:00
Teddy Reed
082f816571 Merge pull request #598 from theopolis/remove_unwind_2 
Remove libunwind from glog and osquery
 2015-01-10 23:23:34 -08:00
Teddy Reed
10fafa6299 Support make package 2015-01-10 23:02:32 -08:00
Teddy Reed
c7f92598ad Building glog on CentOS 6.6 2015-01-10 22:12:38 -08:00
Teddy Reed
c5cbf992ad Remove installed unwind headers 2015-01-10 20:38:31 -07:00
mike@arpaia.co
9bdd6fe7a3 removing unwind dep in CMakeLists 2015-01-10 13:03:23 -07:00
mike@arpaia.co
a0a404acc1 removing the dependency on unwind 
Moving glog to third-party so that we can custom compile it so that
we no longer have the dependency on libunwind. #578
 2015-01-10 13:02:30 -07:00
Mike Arpaia
9308729d52 Merge pull request #587 from theopolis/package_basics 
Package basics
 2015-01-09 16:35:17 -05:00
Teddy Reed
18d93d8cbc Building DEB/RPM package dependencies 2015-01-09 12:24:54 -08:00
Zachary Wasserman
828a430b5b Merge pull request #583 from zwass/make_typo 
Fix typo in build logging
 2015-01-08 09:44:38 -08:00
Teddy Reed
a4e236e16a Simpler OSX package building 2015-01-07 20:01:33 -08:00
Teddy Reed
45ee10f162 More complete make package 2015-01-07 16:07:19 -08:00
Teddy Reed
454fb01e98 Merge pull request #584 from theopolis/config_example 
Provide example config, improve pid check
 2015-01-07 16:05:42 -08:00
Teddy Reed
2ad15763e2 Provide example config, improve pid check 2015-01-07 15:22:50 -08:00
Zachary Wasserman
3fbb878f84 Fix typo in build logging 2015-01-07 11:02:40 -08:00
Teddy Reed
dbb7050376 Merge pull request #575 from theopolis/fix_574 
[Fix #574] Undef DEBUG for apt-pkg for make debug
 2015-01-06 07:29:02 -08:00
Teddy Reed
b2c3fa9ff1 Merge pull request #576 from theopolis/fixups 
[Fix #559] Detach event publisher threads when ending
 2015-01-06 06:54:14 -08:00
Teddy Reed
27541d4260 [Fix #574] Undef DEBUG for apt-pkg for make debug 2015-01-06 06:53:42 -08:00
Teddy Reed
f865647d0c [Fix #545] Simpler socket_info parsing in process_open_files 2015-01-06 06:23:48 -08:00
Teddy Reed
df3029e880 [Fix #559] Detach event publisher threads when ending 2015-01-05 19:07:08 -08:00
Teddy Reed
182cdb713e Small fix for a make jobserver race in gentable 2015-01-05 18:11:10 -08:00
Teddy Reed
c61047c79f Merge pull request #570 from maclennann/apt_sources 
apt_sources table
 2015-01-05 17:52:14 -08:00