osquery-1

mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 09:58:54 +00:00

Author	SHA1	Message	Date
Giorgi Guliashvili	386ccb5e96	disable malfunctioning new features on the fly using killswitch (#4671 )	2018-07-18 22:11:19 +01:00
Giorgi Guliashvili	61b66559fa	remove old version of schedule from the codebase and tests (#4707 )	2018-07-14 19:18:28 +01:00
Teddy Reed	fa4f63fb84	tables: Remove lexical_cast include from tables (#4683 )	2018-07-14 11:42:44 -04:00
Vova Mishatkin	0cc9b84e4f	Add tests for file_paths_query (#4693 )	2018-07-11 18:29:55 +01:00
Teddy Reed	6d5f94b2c6	flags: Separate flags and flagalias (#4682 )	2018-07-10 23:04:39 -04:00
Vova Mishatkin	dbac4ea67c	Add the ability to specify file_paths with sql queries (#4678 )	2018-07-10 16:24:13 +01:00
Max Kareta	6ab2a83a61	Refactor/cmake 5 (#4642 )	2018-06-26 16:54:08 +01:00
Alexander	f9e9fdb962	Remove unused unused mutex 'config_valid_mutex_' from config (#4637 )	2018-06-26 16:01:28 +01:00
Filipe Manco	b67fc0eb28	Comment out unused parameter to make linter happy (#4606 )	2018-06-19 22:02:32 +01:00
iBigQ	0bce73c846	Parse structured options as string (#4567 ) * Parse structured options as string * Added option parsing test * fix option json test * fix formating	2018-06-19 17:11:51 +01:00
Max Kareta	4b8d7f0c53	moved from file(GLOB); added CMAKE_CURRENT_LIST_DIR to support include syntax (#4582 )	2018-06-18 14:24:20 +01:00
Filipe Manco	b512f4be6d	ATCPlugin fix ctor initialization order (#4540 )	2018-06-13 17:17:28 +01:00
Alexander	4c2925743e	If config update call from extension failed, do not go further (#4517 )	2018-06-08 10:15:46 -07:00
Mitchell Grenier	6ea8ceb944	Allow ATC to ignore DB locking (#4414 )	2018-06-06 12:30:31 -07:00
Alexander	e6f69e6480	Use std::vector instead of std::list for PackRef in Config implementation (#4485 )	2018-06-04 09:46:54 -07:00
Alexander	a4ca8b1048	Rid off the shared_ptr using from config schedule (#4423 ) there is no reason to share this objects	2018-06-04 10:34:32 +01:00
Max Kareta	5aca61375f	reorganized includes to improve compile time (#4445 )	2018-05-30 00:17:40 +01:00
Filipe Manco	c485474ad6	Enable configure() calls on logger plugins (#4434 )	2018-05-29 09:58:07 +01:00
Filipe Manco	67f95baf6e	Fix files with no new line at eof (#4426 )	2018-05-24 20:12:31 +01:00
Alexander	8de02701f2	Apply const qualifier for Config::packs(...) method (#4387 )	2018-05-18 18:37:33 +01:00
Teddy Reed	201dd6d940	packs: Fix blacklist option bool assumption (#4400 )	2018-05-18 11:58:59 +01:00
Alexander	bfb6c13674	Add const qualifier to some Config methods (#4383 )	2018-05-11 09:36:48 +01:00
Alexander	1a48150be0	Pass name of query to lambda in Config::scheduledQueries by value (#4367 )	2018-05-09 14:56:19 +01:00
Nick Anderson	4125297158	tables: adds a Powershell events table to Windows (#4351 )	2018-05-07 10:26:43 -07:00
Mitchell Grenier	192ccaeaed	New ATC Tables (#4271 )	2018-05-04 13:54:14 -07:00
Teddy Reed	f5abb45919	Fast code audit for flags and dispatcher (#4355 )	2018-05-01 22:47:01 -04:00
Filipe Manco	161653b2b4	Make options parser ignore invalid options (#4345 )	2018-05-01 21:55:33 -04:00
Teddy Reed	349f401161	Move singleton accessors into implementations (#4347 )	2018-05-01 14:56:51 -04:00
Teddy Reed	4f531b9a7c	config: Parser keys should be objects or arrays (#4281 )	2018-04-13 10:10:53 -04:00
Filipe Manco	1bbdff8c7a	Replace ptree with JSON on serialization code (#4128 )	2018-03-01 00:36:24 +00:00
Teddy Reed	65a85799f5	extensions: Allow option accesses in extensions (#4142 )	2018-02-21 17:52:35 -08:00
Mitchell Grenier	3f7dda4475	Fix RapidJSON error asserting in configuration (#4086 )	2018-02-11 01:16:38 -08:00
Teddy Reed	483fbbb594	query: Force query results into proper order (#2947 )	2018-01-21 01:20:48 -05:00
Teddy Reed	90a737ead7	Replace most of boost::property_tree with rapidjson (#3910 )	2018-01-20 20:58:01 -05:00
Teddy Reed	f6d077cbf7	license: Change license to Apache 2.0 and GPLv2 (#4007 )	2017-12-18 16:04:06 -08:00
Teddy Reed	e71390ca82	config: Allow scheduled queries to set blacklist=false (#4005 )	2017-12-18 08:42:00 -08:00
Teddy Reed	33ab8b6e5d	config: Inspect blacklisted queries (#4004 )	2017-12-17 19:25:42 -08:00
Teddy Reed	70a214b8a6	logger: Remove invalid assumptions about status logging (#4001 )	2017-12-17 09:44:15 -08:00
Teddy Reed	13dfd0148c	audit: Force include and source files to be 100644 (#3971 )	2017-11-30 02:01:04 -08:00
Alessandro Gario	58fa4a6899	Verbose logging when spawning services (#3689 )	2017-10-24 19:55:05 -07:00
Teddy Reed	19930bfed3	logger: Reconfigure verbosity with logger_min_level (#3676 )	2017-09-09 19:11:56 -07:00
Allan Liu	1cd4ed949f	kafka logger: Kafka producer implemented as a Logger plugin (#3155 )	2017-09-09 10:38:01 -07:00
Seshu Pasam	6fab8b6083	logging: adding "counter" to differentiate initial results (#3651 ) When setting up alerts for differential logs data you might want to skip the initial added records. counter can be used to identify if the added records are all records from initial query of if they are new records. For initial query results that includes all records counter will be "0". For subsequent query executions counter will be incremented by 1. When epoch changes, counter will be reset back to "0".	2017-09-07 15:01:15 -07:00
Teddy Reed	cf170c4278	cleanup: Move query out of database header (#3576 )	2017-08-20 02:44:38 -07:00
uptycs-nishant	5a92d2c7f0	Implementing exclude paths for FIM (#3530 )	2017-08-19 19:59:23 -07:00
Teddy Reed	d6184f62b5	Set config refresh to 1 hour and fix retry (#3469 )	2017-07-17 22:28:11 -07:00
Teddy Reed	57f04c4c49	General code cleanup for the config (#3467 )	2017-07-17 11:38:21 -07:00
Lambda Conjecture	ecb9e2ccf2	Add Epoch marker to scheduled query results (#3378 )	2017-07-07 17:56:03 -07:00
Teddy Reed	28c10a415f	freebsd: Update Vagrantfile, config tests, and remove hidden visibility (#3419 )	2017-06-18 18:30:57 -07:00
Teddy Reed	f8f5718297	watcher: Do not initialize the config in watcher (#3403 )	2017-06-13 17:26:34 -07:00

1 2 3 4 5 ...

285 Commits