Commit Graph

1866 Commits

Author SHA1 Message Date
Mitchell Grenier
418e6495c0 Adding a remote logger for osquery
The first draft of the remote logger for osquery. This should give a rough idea
of how the code will be structured and function. RFC please.

At the advice of @theopolis, I removed the category type and added the
http_logger key. We figure this should be more efficient and doesn't have to
be known at compile time.
2015-05-28 17:14:56 -07:00
Teddy Reed
ce3ac8a7e3 Merge pull request #1164 from theopolis/packs
Pack and testing fixups
2015-05-28 16:47:35 -07:00
Teddy Reed
56fe564b4e Merge pull request #1166 from theopolis/extensions_docs
[#1076] RTD wiki article on extensions autoloading
2015-05-28 16:47:29 -07:00
Teddy Reed
6591916fed [#1076] RTD wiki article on extensions autoloading 2015-05-28 16:27:29 -07:00
Teddy Reed
4064fa6eb5 Pack and testing fixups 2015-05-28 12:17:27 -07:00
Teddy Reed
e9ef8b7a4f Merge pull request #1163 from mark-ignacio/x509-unixtime
Converted CFAbsoluteTime in X509 certificates to UNIX time
2015-05-27 17:21:53 -07:00
Mark Ignacio
84f8203dfd Converted CFAbsoluteTime in X509 certificates to UNIX time 2015-05-27 15:23:46 -07:00
Teddy Reed
ff9243bce1 Merge pull request #1159 from mofarrell/user-groups-table
Wrote a user_groups table for darwin and linux based system.
2015-05-27 11:38:06 -07:00
Teddy Reed
f4823e7588 Merge pull request #1162 from theopolis/vagrant-aws
Amazon AWS/EC2 Vagrant support for RHEL/Amazon Linux
2015-05-27 11:37:19 -07:00
Teddy Reed
b405d9f24a Build/vagrant wiki cleanup
1. Adding us-west-2
2. Support for VPC/subnet options
3. Excluding binary/git dirs from AWS rsync
2015-05-27 11:12:02 -07:00
Michael O'Farrell
80356b26f0 Wrote a user_groups table for darwin and linux based system.
The user_groups table represents the association between user ids and group ids.

Darwin Issue:
Issues arise in darwin systems with users that are members of many groups due
to a bug in Apple's implementation of getgrouplist.  If the number of groups a
user is a member of is greater than 64 a truncated association table may
be returned.
2015-05-27 10:32:46 -07:00
Blake Frantz
28d9237b50 Amazon EC2-based vagrant targets for RHEL/Amazon Linux
1. added docs for vagrant-aws support in Vagrantfile
2. removed aws targets that have local vagrant support. inline-string'd aws.user_data
3. support building rhel6/7 in aws
4. correct aws-rhel6.6 name. it should be rhel6.5
2015-05-26 21:03:10 -07:00
Teddy Reed
13673bb7a2 Merge pull request #1158 from theopolis/tls_workflow
TLS/Enroll plugin workflow optimizations
2015-05-26 20:12:56 -07:00
Teddy Reed
8b3686a58a TLS plugin workflow tests 2015-05-26 19:55:00 -07:00
Teddy Reed
8b21a47710 Merge pull request #1157 from theopolis/cmake_cleanup
[Fix #1154] Clean up CMake messages and check TP
2015-05-23 17:38:17 -07:00
Teddy Reed
b90b21bc2d [Fix #1154] Clean up CMake messages and check TP 2015-05-23 17:15:28 -07:00
Teddy Reed
5e8c9b66d4 Merge pull request #1153 from theopolis/cleans
Detect TLS version from OpenSSL/CMake FIND_LIBRARY
2015-05-23 13:57:23 -07:00
Teddy Reed
69dc7e29ea Merge pull request #1156 from theopolis/test_from_root
Allow unit tests execs from project root
2015-05-23 13:56:27 -07:00
Teddy Reed
4a6c002f62 Allow unit tests execs from project root 2015-05-23 13:12:31 -07:00
Teddy Reed
5969ae4fbf Clean up TLS-version from OpenSSL detection 2015-05-23 13:04:36 -07:00
Teddy Reed
700384dedc Minify tables namespace, extra CMake macros 2015-05-22 10:29:04 -07:00
Javier Marcos
9a4f611baf Merge pull request #1155 from javuto/osquery_packs_table
Osquery packs table
2015-05-21 20:32:45 -07:00
Javier Marcos
f86b2bc6f3 Adding checks to avoid duplicated queries in the schedule 2015-05-21 19:23:38 -07:00
Mike Arpaia
6f30c40041 Merge pull request #1152 from sharvilshah/xattr_parse_where_from
More thorough where_from parsing in extended_attributes
2015-05-21 16:32:32 -07:00
Javier Marcos
2b834a401a Fixing problem with extensions test, utility tables were added to core 2015-05-21 14:10:20 -07:00
Javier Marcos
886ad6e928 Added table for the packs and check for already scheduled queries 2015-05-21 13:42:45 -07:00
Sharvil Shah
a216ef2886 Use CoreServices Metadata API to parse kMDItemWhereFroms for file xattrs and now includes non-browser values too 2015-05-20 10:50:25 -07:00
Teddy Reed
4ff2fc1db2 Merge pull request #1151 from theopolis/crontab-fix
Include several search paths for user crontabs
2015-05-20 10:47:32 -07:00
Javier Marcos
81819e3d64 Table for osquery packs 2015-05-19 18:45:04 -07:00
Javier Marcos
c6855fab43 Table for osquery packs 2015-05-19 18:44:28 -07:00
Teddy Reed
b3338dc5d2 Merge pull request #1146 from theopolis/tls
Towards TLS config/logging
2015-05-19 17:17:04 -07:00
Teddy Reed
2a1f496cc5 Towards TLS config/logging 2015-05-19 17:05:55 -07:00
Teddy Reed
983d107fe6 Search for crontabs in /cron and /cron/crontabs 2015-05-19 15:51:03 -07:00
Teddy Reed
f32371f94f Merge pull request #1150 from theopolis/mounts
Add mounts table support under FreeBSD
2015-05-19 15:45:01 -07:00
Ryan Steinmetz
949f84f3a8 Add mounts table support under FreeBSD
Cleanup blacklist entries for FreeBSD (mounts/users/groups)
2015-05-19 15:33:06 -07:00
Javier Marcos
65e6e38e0f Merge pull request #1143 from javuto/pack_config_changes
Support to load query packs as scheduled queries
2015-05-16 15:37:27 -07:00
Javier Marcos
47e680e825 Adding tests and implementing version checker 2015-05-15 22:25:19 -07:00
Teddy Reed
7dd446ad56 Merge pull request #1137 from theopolis/oracle-2
[#1090] Oracle 5.11 (gateway to CentOS5.11, RHEL5.11)
2015-05-15 08:50:25 -07:00
Teddy Reed
f5945f98b4 Oracle 5.11 2015-05-14 22:44:01 -07:00
Teddy Reed
525c584a0b Merge pull request #1141 from theopolis/static_cryptsetup
Build libcryptsetup statically
2015-05-14 22:33:56 -07:00
Teddy Reed
9ee839b265 Build libcryptsetup statically 2015-05-14 19:36:00 -07:00
Javier Marcos
aa27159bb8 Proper update of the schedule and iterate all the packs 2015-05-14 17:20:00 -07:00
Teddy Reed
9854897522 Merge pull request #1127 from blakefrantz/master
add support for amazon linux 2015.03
2015-05-14 15:58:38 -07:00
Javier Marcos
e170692db6 Top level key is packs 2015-05-13 23:10:44 -07:00
Javier Marcos
4d8b05d861 Adding parsed packs to schedule 2015-05-13 21:19:54 -07:00
Javier Marcos
9e9ab079ec Adding support for packs in configuration files 2015-05-13 13:55:01 -07:00
Blake Frantz
4262dd502d add install_iptables_dev 2015-05-13 11:52:49 -07:00
Blake Frantz
3a49fc46c8 Merge remote-tracking branch 'upstream/master' 2015-05-13 07:38:41 -07:00
Blake Frantz
410dec3a9c update provision/lib.sh to support amazon linux 2015-05-13 07:37:59 -07:00
Teddy Reed
4d9d264600 Merge pull request #1136 from theopolis/zi0r-patch-1
Add first wave of support for building on FreeBSD
2015-05-12 23:57:23 -07:00