valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 18:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
2,071 Commits 2 Branches 109 Tags 25 MiB
395f825321
Commit Graph

433 Commits

Author SHA1 Message Date
Javier Marcos
7241becda1 Fix tables JSON file name 2015-07-16 13:38:31 -07:00
Javier Marcos
84e0c77a98 Generation of table docs with packages and docs targets 2015-07-16 12:23:44 -07:00
Javier Marcos
01fabf910d Merge pull request #1343 from javuto/generate_tables_output 
Adding support to generate documentation to external files
 2015-07-15 17:10:27 -07:00
Javier Marcos
ba69bf8efa Adding support to generate documentation to external files 2015-07-15 13:18:41 -07:00
Teddy Reed
341245f751 Build/install gflags' static library on build hosts. 
As of [homebrew #41151](https://github.com/Homebrew/homebrew/pull/41151) gflags is not installed with a static library.
Our build hosts must have static versions of gflags.
 2015-07-14 17:20:55 -07:00
Teddy Reed
c269bbeaf3 Rollup of build changes 2015-07-14 13:45:53 -07:00
Teddy Reed
19d7a9e735 Merge pull request #1328 from mofarrell/kernel 
Fixed cleanup in testing script in failure cases.
 2015-07-13 16:41:44 -07:00
Michael O'Farrell
b2b1f0483d Fixed cleanup in testing script in failure cases. 2015-07-13 16:11:45 -07:00
Teddy Reed
0e49a3a9a1 Build separate OS X packages 2015-07-13 15:44:16 -07:00
Michael O'Farrell
dd1f0af0ff Build system changes for kernel extension testing and deployment. 2015-07-09 11:50:23 -07:00
Michael O'Farrell
0284b9e60d Merge branch 'master' into kernel 
Conflicts:
	mkdocs.yml
 2015-07-08 10:26:32 -07:00
Teddy Reed
f48619ed28 [#1285, #1276] Faster, optimized subscriber results 2015-07-07 00:59:28 -07:00
Matthew White
11f447a959 Minor fixes to support building on Ubuntu 10.04 2015-07-06 15:18:11 -07:00
Teddy Reed
7aac5fd358 Replace custom wildcarding with POSIX-glob 
POSIX-globbing will allow event publishers/subscribers to post-check
results against glob-syntax, fnpath matching, and POSIX C-regex.
These checks are anecdotally speedy.
 2015-07-02 13:53:16 -07:00
Teddy Reed
64e4afa136 Merge pull request #1294 from theopolis/relax_test_timesouts 
Relax extensions and shell timeouts
 2015-07-02 13:50:07 -07:00
Teddy Reed
89e5b6c729 Relax extensions and shell timeouts 2015-07-02 12:14:44 -07:00
Mike Arpaia
ba89b67cc5 Install snappy headers instead of just the library 
We found that not installing the headers for snappy caused RocksDB's
snappy detection to not find that snappy was installed:
https://goo.gl/YOWJl0

The snippet there requires that the headers are installed, not just the
library. By installing the headers, we can ensure that snappy is linked.

OR, alternatively, we could just leave it and not link snappy. It's
uncertain what the specific benefits of including snappy are for our
use-case. (CC @igorcanadi)
 2015-07-01 16:14:06 -07:00
Michael O'Farrell
a7bd4bd3db Merge pull request #1278 from facebook/master 
Merge branch 'master' into kernel
 2015-06-30 13:12:16 -07:00
Teddy Reed
757940fe6f Towards CMake-powered kernel extension building 2015-06-30 00:49:16 -07:00
Mike Arpaia
06793f9d00 Merge pull request #1267 from marpaia/osquery-latest-no-more 
Remove "latest" from the osquery package names
 2015-06-29 15:09:31 -07:00
Teddy Reed
0d6ab16281 Yara events was not building 2015-06-29 14:45:31 -07:00
Mike Arpaia
d6719f9ef7 Remove "latest" from the osquery package names 2015-06-29 11:18:49 -07:00
Teddy Reed
8db6ca4a3f [Fix #1198] Add a small retry to ext watcher 2015-06-28 02:12:50 -07:00
Teddy Reed
5566d8cd96 Merge pull request #1194 from theopolis/lucid-build 
Loose support for building on Ubuntu 10.04
 2015-06-27 20:47:53 -07:00
Teddy Reed
e7ed68e187 [Fix #1198] Faster death/timeout checks in extensions tests 2015-06-25 02:53:53 -07:00
Sharvil Shah
368517c6a6 Use psutil's Process.children() instead of Process.get_children() as the latter has been deprecated. 
Process.get_children() had been deprecated in psutil 2.x and is compeletely removed in 3.x versions
in favor of Process.children().

This fixes #1220.
 2015-06-23 16:44:05 -07:00
Mike Arpaia
2b9bbb6bd4 Merge pull request #1223 from marpaia/yara-3.4.0 
updating yara to 3.4.0
 2015-06-22 09:33:25 -07:00
Teddy Reed
37188f788b Fixups in tables, add DOUBLE, shell extensions 2015-06-22 04:17:23 -04:00
Mike Arpaia
6f85f2f617 updating yara to 3.4.0 2015-06-21 11:40:51 -04:00
Teddy Reed
46ceb7aa6d Merge pull request #1213 from theopolis/certs2 
Update testing x509 certs
 2015-06-13 02:24:29 -07:00
Teddy Reed
2fb774218a Update testing x509 certs 2015-06-13 02:13:31 -07:00
Teddy Reed
e7ab2fc47b Limit scope of git/tag version defines. 
Harden plist parsing against internal fuzzing tests.
Improve file/stream read speeds.
 2015-06-12 10:10:20 -07:00
Teddy Reed
727f5b091f Various table perf improvements and TLS docs 2015-06-05 22:03:15 -07:00
Teddy Reed
ccb1c2cd69 Loose support for building on Ubuntu 10.04 2015-06-04 18:25:49 -07:00
Teddy Reed
4e59bcf4c1 Merge pull request #1191 from theopolis/feature-backoffs 
[#1190] Schedule queries without logging removed results
 2015-06-04 14:58:19 -07:00
Teddy Reed
a678f8f46a Merge pull request #1192 from theopolis/rocksdb-from-homebrew 
[Fix #1185, #1183] Use RocksDB from Homebrew on OS X
 2015-06-04 14:34:52 -07:00
Teddy Reed
650a43d053 [Fix #1185, #1183] Use RocksDB from Homebrew on OS X 2015-06-04 13:56:58 -07:00
Teddy Reed
e244883ea4 [#1190] Schedule queries without logging removed results 2015-06-04 13:53:55 -07:00
Teddy Reed
a70828c2a4 Merge pull request #1187 from sharvilshah/xattr_update 
Extended Attributes: Use LaunchServices API for quarantine data
 2015-06-03 22:38:17 -07:00
Sharvil Shah
065fe6412d Use LaunchServices (part of CoreServices) to grab quarantine properties instead of manually parsing the colon separated attribute data. 
Fall back to deprecated LaunchService API for OS X 10.9 Mavericks.

Added tests for extended_attributes

Better error handling and cleanup
 2015-06-03 22:18:45 -07:00
Teddy Reed
c934ad0df3 Update tooling/profiling paths 2015-06-03 21:22:12 -07:00
Teddy Reed
8aacaca7eb Query pack platform binds should match any/all 2015-06-03 13:56:39 -07:00
Teddy Reed
a105924804 Move specs to a top-level path, add query examples 
1. Example queries will run with an (optional) integration test.
2. Fix bad accesses with OS X package BOMs
3. Move spec files from ./osquery/tables/specs to ./specs
4. Remove server parsers (netlib) from client builds.
 2015-06-03 10:39:05 -07:00
Teddy Reed
5899bbb8f5 Merge pull request #1182 from theopolis/osx_rocksdb_portable 
Build RocksDB from source on Darwin
 2015-06-02 15:50:15 -07:00
Teddy Reed
eeab588d8f Build RocksDB from source on Darwin 2015-06-02 15:25:16 -07:00
Teddy Reed
f41fb6b107 Remove package-manager installed autoconf tools for older distros 2015-06-02 03:05:47 -07:00
Teddy Reed
0669d8205e Merge pull request #1174 from theopolis/remote_logger 
TLS/HTTPS-based logger plugin
 2015-06-02 02:59:34 -07:00
Teddy Reed
33f53809ad Fix DBHandle checking with concurrent processes. 
`make tests` fails with another osquery process running.
The backing-store check happens after a config plugin is setUp and
the initial load occures. This may involve calls to cached keys, the
check should occur pre-config initialize.
 2015-06-02 02:50:04 -07:00
Teddy Reed
da9bd5801b Migrate HTTP remote logger to TLS logger 2015-06-01 10:12:31 -07:00
Teddy Reed
4064fa6eb5 Pack and testing fixups 2015-05-28 12:17:27 -07:00