valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 10:23:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,866 Commits 2 Branches 109 Tags 25 MiB
418e6495c0
Commit Graph

1866 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mike Arpaia
8e7d10b956 Changing read the docs URL to be https 2015-04-19 12:49:33 -07:00
Teddy Reed
767ac367b6 Merge pull request #1008 from theopolis/docs_3 
Documentation updates, separate config/logging pages
 2015-04-19 08:23:07 -07:00
Teddy Reed
8930f9e692 Documentation updates, separate config/logging pages 
Mostly minor documentation/wiki/guide fixes.
The breaks down the "using osqueryd" page into more of a summary
of what the daemon does from a schedule/logging perspective.

The bulk of the "using osqueryd" page now exists in the configuration
deployment page and the new "logging" deployment page.
 2015-04-18 22:09:25 -07:00
Teddy Reed
b8db4359f3 Merge pull request #1004 from theopolis/fix_bugs 
Lint fixes and clang analyze
 2015-04-18 14:31:39 -07:00
Teddy Reed
6b9f412caa Towards OS X memory maps 2015-04-18 14:20:40 -07:00
Mitchell Grenier
cf6457ae94 Merge pull request #986 from jedi22/config_remote 
Creating interfaces for remote logging
 2015-04-17 16:28:15 -07:00
Mitchell Grenier
c47790d87d Creating interfaces for remote logging 
First draft of the enrollment plugin and part of the config plugin.

Please comment on potential structure and functionality.

They way it's designed to work is this:
Both the config and logger plugins will call the enroll getKey function. getKey
is in charge of maintaining the state of having a key and doing the enrollment.

If enroll has a key, then it will instantly return doing no HTTP requests, if it
doesn't, then it will try a few times to get a key, if it's not successful, it
fails and returns an empty string, if it succeeds, then it will return the
client enrollment key for the requester to use.
 2015-04-17 14:48:46 -07:00
Teddy Reed
c59ce0e4e4 Lint fixes and clang analyze 2015-04-17 09:18:46 -07:00
Javier Marcos
470d63c283 Merge pull request #1002 from javuto/osquery_scheduled_table 
Adding osquery_scheduled table
 2015-04-16 15:48:33 -07:00
Javier Marcos
1e505fe023 Adding renamed file 2015-04-16 15:29:10 -07:00
Javier Marcos
3c86ecd31c Changing name to osquery_schedule 2015-04-16 15:26:20 -07:00
Javier Marcos
6f2afd7be8 Adding osquery_scheduled table 2015-04-16 14:48:21 -07:00
Teddy Reed
1236f22501 Merge pull request #999 from theopolis/launchd_overrides_2 
Add launchd_overrides table
 2015-04-16 13:35:22 -07:00
Teddy Reed
cf479abdc8 [Fix #1000] Bump third-party SQLite 3.8.9 2015-04-16 12:53:12 -07:00
Teddy Reed
c9e07ec2ba Add launchd_overrides table 2015-04-15 23:19:23 -07:00
Mike Arpaia
a8506d15e8 Merge pull request #997 from facebook/platform_osquery_info 
[#989] Adding distro and version to osquery_info
 2015-04-15 21:28:35 -07:00
Javier Marcos
4763d2a5ff Removing commented ifdef 2015-04-15 20:46:06 -07:00
Javier Marcos
7a2716b4b6 Adding distro and version to osquery_info 2015-04-15 16:34:12 -07:00
Teddy Reed
1e584c9b93 Merge pull request #992 from theopolis/debug_target 
[Fix #991] Use separate targets for opt/debug builds
 2015-04-15 12:19:21 -07:00
Teddy Reed
8fe0a214b2 Merge pull request #994 from theopolis/ubuntu_version 
Fix Ubuntu os_version regex
 2015-04-15 12:18:46 -07:00
Mike Arpaia
c37be342ec updating wiki link to read the docs 2015-04-15 01:02:58 -07:00
Teddy Reed
f7f1819a67 Fix Ubuntu-version regex 2015-04-14 22:43:44 -06:00
Teddy Reed
e6a436fc51 Merge pull request #988 from theopolis/config_parsers 
Add a ConfigParserPlugin to extend config keys
 2015-04-14 21:27:56 -07:00
Teddy Reed
338a14e8db [Fix #991] Use separate targets for opt/debug builds 2015-04-14 22:25:00 -06:00
Teddy Reed
2d3de51510 Restrict permissions on RocksDB paths 2015-04-14 21:07:21 -07:00
Teddy Reed
c3958259b8 Add a ConfigParserPlugin to extend config keys 2015-04-14 20:30:06 -07:00
Teddy Reed
b7d060bc9d Merge pull request #985 from theopolis/rhel_clang3.4 
Cross compile with LLVM 3.4 using gcc 4.9 on RHEL6.5
 2015-04-14 19:54:59 -07:00
Mike Arpaia
af0caac22c Merge pull request #984 from marpaia/requests 
Request template classes
 2015-04-13 11:33:25 -07:00
mike@arpaia.co
233f672655 Request template classes 
As discussed in the comments of #961. Included is an HTTP transport
(which works for HTTPS also) and a JSON serializer.
 2015-04-13 10:32:56 -07:00
Teddy Reed
595e94547d Build LLVM 3.4 using gcc 4.9 on RHEL6.5 2015-04-13 09:19:09 -07:00
Teddy Reed
739d91c361 Performance linting 2015-04-11 19:50:35 -07:00
Teddy Reed
e1f0106710 Various fixes, checks 2015-04-11 15:57:12 -07:00
Teddy Reed
a8ced9a647 Merge pull request #977 from theopolis/process_parsing 
[Fix #968] Refactor launchd
 2015-04-11 14:18:58 -07:00
Mike Arpaia
0745017233 missing quote in docs 2015-04-10 23:31:10 -07:00
Mike Arpaia
5cebb95134 Merge pull request #979 from theopolis/fast_shell_query 
Skip event publishers when a single query is used
 2015-04-10 23:03:51 -07:00
Mike Arpaia
43cd956c99 Merge pull request #978 from theopolis/no_thrift_php 
Remove php from thrift provision
 2015-04-10 23:02:54 -07:00
Teddy Reed
54af369702 [Fix #968] Refactor launchd 2015-04-10 18:04:26 -07:00
Teddy Reed
aaecffa096 Skip event publishers when a single query is used 2015-04-10 17:37:49 -07:00
Teddy Reed
4a299c1fac Remove php from thrift provision 
The only thrift bindings we need for osquery are cpp/python.
Python is used for the integration tests.
 2015-04-10 17:15:31 -07:00
Mike Arpaia
4a9600d8a1 Merge pull request #967 from jedi22/better_extended 
Better extended attributes
 2015-04-10 16:09:18 -07:00
Mike Arpaia
5ebd757318 Merge pull request #976 from theopolis/tsk 
Documentation updates
 2015-04-10 16:09:05 -07:00
Teddy Reed
e69f72cd56 Documentation updates 2015-04-10 14:31:34 -07:00
Mitchell Grenier
41283223af Better extended attributes 
For the second time in a couple of weeks, I've rewritten the xattr table into
a new extended_attributes table.

If we find an attribute that we don't have a parser for, we will check if it
contains non printable characters. If it does, we'll base64 it. If it doesn't,
we will just output the unencoded string.
 2015-04-10 13:17:22 -07:00
mike@arpaia.co
159899a303 Update patent grant 2015-04-10 11:49:33 -07:00
mike@arpaia.co
dfbc4a2239 making the readme's queries more consistent 2015-04-09 23:17:27 -07:00
Teddy Reed
31ab39ff6a Update wiki pages to use RTD 
Deprecate README links to github wiki pages, use RTD links instead.
Update osquery.io http links to https.
 2015-04-09 22:37:00 -07:00
Teddy Reed
36479bbaf6 Merge pull request #970 from theopolis/osx_managed_configuration 
[Implement #879] Add managed_policies to OS X
 2015-04-09 12:14:50 -07:00
Teddy Reed
dc7cf9cf59 [Implement #879] Add managed_policies to OS X 2015-04-08 21:38:56 -07:00
Teddy Reed
ea96a9d046 Merge pull request #963 from theopolis/os_version 
[Fix #962] Add OS name and friendly version
 2015-04-08 21:32:49 -07:00
Teddy Reed
d30455893f Merge pull request #941 from theopolis/rhel_fun 
[Implement #926] RHEL6 provisioning
 2015-04-08 14:37:48 -07:00