valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 18:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,987 Commits 2 Branches 109 Tags 25 MiB
35839fd5e2
Commit Graph

125 Commits

Author SHA1 Message Date
Nick Anderson
4ac3f42656 [Fix #3619] Better shutdown logic for Windows service controller (#3698) 2017-09-18 14:15:09 -07:00
Nick Anderson
072e73b54d shell: ensuring shell does not access stop event (#3664) 2017-09-08 13:03:31 -07:00
Nick Anderson
2a317ce17f worker: shutdown safely on Windows only if not worker (#3628) 2017-08-30 08:45:56 -07:00
Teddy Reed
f29de27649 Combine osqueryi and osqueryd into single binary (#2742) 2017-08-27 11:09:25 -07:00
Teddy Reed
f8f5718297 watcher: Do not initialize the config in watcher (#3403) 2017-06-13 17:26:34 -07:00
Teddy Reed
70f30b99d8 watcher: Rename instance to get for consistency (#3359) 2017-05-29 17:16:19 -07:00
Teddy Reed
f6f9480874 extensions: Preserve environment in auto-loaded extensions (#3101) 2017-03-24 18:47:23 -07:00
Teddy Reed
69bb69fd6d events: Inspect schedule and improve tests (#3087) 2017-03-20 22:03:09 -07:00
Teddy Reed
0e9733f94c Simplify Registry and plugin concepts (#2887) 2017-01-07 12:21:35 -08:00
Teddy Reed
e9bbe1d624 Add Linux audit benchmarks (#2834) 2016-12-03 12:36:55 -08:00
Teddy Reed
62608f9a08 Minor reorganization of osqueryi linking (#2724) 2016-11-06 01:17:48 -08:00
Jonathan Lee
f529fc3a30 [Fix #2652] Shorten long lines (#2664) 2016-10-21 22:08:59 -07:00
Nick Anderson
87c9a6ae24 Adding cppcheck analysis script (#2661) 2016-10-21 14:27:10 -07:00
Nick Anderson
81d2794b26 platformGetUid returns 0 for Administrator user (#2643) 2016-10-19 10:25:32 -07:00
Teddy Reed
9a0c5c4556 deps: Use linenoise-ng for all platforms (#2613) 2016-10-11 22:16:21 -07:00
yying
7b5365d986 Ability to parse arguments for Windows Services (#2536) 2016-09-27 14:40:44 -07:00
Teddy Reed
4d1451c9b4 Add extensions SDK incompatibility checking (#2527) 2016-09-26 17:32:41 -07:00
yying
bb7d558681 Update service status to prevent "Terminated Unexpectedly" error (#2515) 2016-09-23 20:05:56 -07:00
Nick Anderson
83442532d7 Added flagfile to Windows service install (#2509) 2016-09-22 17:44:21 -07:00
Nick Anderson
5877c3d464 Removing service start functionality (#2464) 2016-09-16 15:17:03 -07:00
Nick Anderson
386f123e03 Changing windows service name for parity with other platforms (#2465) 2016-09-16 15:16:48 -07:00
yying
a27d6567e4 Core and Additional Tests (#2441) 2016-09-12 09:46:52 -07:00
yying
84e6a3401a Reducing compiler warnings and fails on warn in VS (#2433) 2016-09-02 15:04:03 -07:00
Nick Anderson
feb18c6173 Adding install/uninstall flags to daemon (#2379) 2016-08-17 09:23:11 -07:00
Gary
8f57d2ea81 Change second FLAGS_pofile_delay to seconds (#2359) 2016-08-15 08:30:20 -07:00
Teddy Reed
791dd4038a [Fix #2342] Use seconds for --profile_delay precision (#2348) 2016-08-11 07:49:55 -07:00
Teddy Reed
f3f605e26a Introduce a PLATFORM_MASK and isPlatform (#2334) 
Along with the platform defines and platform string defines provided by
CMake to the build, add a PLATFORM_MASK define.

Use this define as a platform-type mask with the PlatformType enum.
 2016-08-09 20:27:42 -07:00
yying
0ef284b8e7 Changes to make osqueryd/osqueryi mostly build sans cputime/uptime tables (#2283) 2016-07-25 11:58:55 -07:00
yying
2fb3797c53 Changes to support building a osquery Windows service. (#2278) 2016-07-22 13:29:37 -07:00
yying
547e8f961c CMake configuration file changes to support Windows (#2258) 2016-07-20 23:48:55 -07:00
Zachary Wasserman
8161a5f0a8 Add autocompletion of table names in osqueryi (#2236) 2016-07-14 14:15:32 -07:00
Teddy Reed
48cb4d555d Add systemLog API (#2229) 
This includes a minor SDK refactor as it move quite a few specialized
functions and facilities from core.h into system.h. There was a breaking point
for needing to frequently update core includes.

The new logger systemLog function allows a call site to bypass logging config
and write a line to the OS logger (aka syslog).
 2016-07-07 15:16:28 -07:00
artemdinaburg
e6fbde820e Windows Daemon/Shell: Make osquery code more Windows-friendly (#2188) 2016-07-01 14:56:07 -07:00
Nick Anderson
cf30388705 Moved test_utils to it's own directory out of core. Updated references (#2154) 2016-06-09 10:49:26 -07:00
Sharvil Shah
8b0e6e138f Fix benchmark target and bump version of google-benchmark to 1.0.0 (#2065) 2016-05-19 11:56:54 -07:00
yying
15d1455957 Process Operations - osquery/core Integration (#2087) 
This integrates the process abstraction operations within osquery core.
 2016-05-13 19:47:45 -07:00
Teddy Reed
0ffe0c9d16 Add --pack flag to the shell (#2093) 
This introduces a new testing-related flag to the osqueryi shell.
The --pack flag takes a single argument, the name of a configured pack.

To list the configured packs try:
$ osqueryi -A osquery_packs

To run all queries, immediately and serially, try:
$ osqueryi --pack NAME_OF_PACK
 2016-05-12 09:22:05 -07:00
yying
63c0258aec Abstracted platform specific process operations into a common interface. (#2069) 
Added Windows support for process operations.
Added unit tests for process abstraction code for POSIX and Windows.
Modified CMake config files to support building the new code and unit tests.
 2016-05-11 14:16:32 -07:00
Teddy Reed
ebb0ab30ce Fix shell's --profile switch 2016-03-20 16:05:13 -07:00
Teddy Reed
15a998e54f Use the default shutdown flow within extensions 2016-03-20 01:45:49 -07:00
Teddy Reed
3de52846d0 Remove boost::thread 2016-03-11 11:50:44 -08:00
Teddy Reed
afd17f8134 1. Reorganize RocksDB database handle into a plugin 
2. Introduce a SQLite-based database plugin
3. Refactor database usage to include local 'fast-calls'
4. Introduce an 'ephemeral' database plugin for testing (like a mock)
 2016-03-06 20:40:16 -08:00
Teddy Reed
b21c2ed943 [#1816] Refactor DB instance management 2016-02-25 19:07:52 -08:00
Baraa Hamodi
21c2237eca [osquery] Update copyright headers to new format. 2016-02-11 11:48:58 -08:00
Teddy Reed
48a1adf77b Allow extensions autoloading in osqueryi 2016-02-10 10:20:23 -08:00
Teddy Reed
7f37304c77 Refactor dispatcher shutdown logic 2016-02-05 01:29:42 -08:00
Teddy Reed
5394fe62ec Add debug_package for OS X 2016-02-01 16:51:43 -08:00
Teddy Reed
a3a05e7e1e [#1527] Add a --profile option to the shell, replace 'run' 2015-11-21 22:45:40 -08:00
Teddy Reed
b29168a7b7 Use a null DB for the run test binary 2015-11-04 10:39:40 -08:00
Teddy Reed
944e3de206 Merge pull request #1496 from theopolis/events_table 
[#1487] Add osquery_events table to track pubsub stats
 2015-09-14 15:27:35 -04:00