valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 02:18:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,661 Commits 2 Branches 109 Tags 25 MiB
4cb0b2cb57
Commit Graph

4661 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
mcburrlin
4cb0b2cb57 Typo on Ubuntu 17.04 bento box (#5136) 2018-08-30 09:46:13 +01:00
Filipe Manco
873c6555d0
[Table sanity check] os_version (#5124) 2018-08-30 09:39:43 +01:00
Teddy Reed
7a2bc0bc28
virtual tables: Handle SQLite3 BLOB_TYPE (#5118) 2018-08-29 21:40:33 -04:00
Giorgi Guliashvili
126a5ac92f
errorbase wdeprecated warning fix (#5131) 2018-08-29 20:16:23 +01:00
Giorgi Guliashvili
637d301853
validate rows assert debugging (#5125) 2018-08-29 20:16:00 +01:00
Alexander
f7b5447871
Use just std::function for custom validator in table integration tests (#5129) 2018-08-29 18:48:49 +01:00
Alexander
80bfdf914c
[Table sanity check] Integration tests for deb_packages (#5120) 
[Table sanity check] Integration tests for deb_packages
 2018-08-29 18:04:15 +01:00
Max Kareta
85d78c768e
[Table sanity check] crontab (#5127) 2018-08-29 16:16:23 +01:00
Alexander
7ed337d008
[Table sanity check] Integration test for the linux kernel modules table (#5121) 2018-08-29 15:13:38 +01:00
Max Kareta
ba1a933b90
[Table sanity check] system info (#5119) 2018-08-29 12:53:38 +01:00
Filipe Manco
59925a2706
[Table sanity check] hash (#5122) 2018-08-29 12:42:19 +01:00
Giorgi Guliashvili
a06af88b18
simplify logger initilization (#5078) 2018-08-29 00:21:59 +01:00
Alexander
8702537fe9
Run 'test_debug' in order to run the tests for debug build (#5092) 2018-08-28 17:35:19 +01:00
Giorgi Guliashvili
d5ccbd1813
treat warnings as error only in the osquery core (#5113) 2018-08-28 17:22:06 +01:00
Alessandro Gario
3082b7cb87 socket_events: Use local_port/local_address for bind() (#5098) 2018-08-28 15:52:36 +01:00
Alexander
6a460f22c7
RAII based scope guard class (#4980) 
To be sure that resources are always released/removed/closed/verified/stoped
in face of multiple return statements from the function.
 2018-08-28 12:32:02 +01:00
Alexander
dcfe83a0aa
Helper functions tryTake, tryTakeCopy to lookup in key-value tables (#4833) 
There are a lot of lookups in the maps the osquery code. Most of them are verbose and not-optimal with check if such key exists in the table before get access. Some of them consists error e.g.:
```c++
    r["uid"] = row.count("uuid") > 0 ? row.at("uid") : "";
```
Introduced code will help to avoid the most of such problems.
 2018-08-28 12:31:10 +01:00
Jibola
e05be701ed Expand "opaque" values in system_controls table (#5082) 2018-08-28 11:52:06 +01:00
Alexander
ae09a6e95b
Fix up debug build for InMemoryDatabaseTest (#5086) 
Fix up debug build for InMemoryDatabaseTest

  - add checks for return status of the operations
  - fix up check funtion for types in DB
 2018-08-28 11:22:57 +01:00
Adrien Schildknecht
d7b701cb2a Implement setThreadName() for FreeBSD (#5097) 
FreeBSD supports renaming threads with pthread_np.
The difference with Linux or Darwin is that there's no error code:
  "Because of the debugging nature of this function, all errors that may
   appear inside are silently ignored"
This isn't really a problem because thread names are meant for debugging
and osquery does not check the retun value of `setThreadName()` anyway.

Test plan:
  adrs@freebsd: procstat -t `pidof old_osqueryi`
    PID    TID COMM                TDNAME              CPU  PRI STATE   WCHAN
   7612 100059 osqueryi            -                    -1  152 sleep   ttyin
   7612 100162 osqueryi            -                    -1  152 sleep   uwait
   7612 100163 osqueryi            -                    -1  152 sleep   select
  adrs@freebsd: procstat -t `pidof osqueryi`
    PID    TID COMM                TDNAME              CPU  PRI STATE   WCHAN
   7278 100151 osqueryi            -                    -1  120 sleep   ttyin
   7278 100160 osqueryi            ExtensionWatcher     -1  120 sleep   uwait
   7278 100161 osqueryi            ExtensionRunnerCore  -1  131 sleep   select
 2018-08-28 11:11:11 +01:00
Alexander
be73ffe618
Add an rvalue constructor for Expected (#5087) 
to be sure that other expected remains with status 'error checked'
 2018-08-28 10:53:50 +01:00
ShlomoGood
1103d2cf24 Update flag verbage for TLS tests (#5095) 2018-08-27 09:53:36 -07:00
Giorgi Guliashvili
fd5b103c63
rearrange initLogger disable capabilities (#5077) 2018-08-27 17:33:10 +01:00
Max Kareta
78020a127e
added stubs for sanity checks (#5109) 2018-08-27 17:21:26 +01:00
Giorgi Guliashvili
21228c3172
put config backup feature behind killswitch (#5100) 2018-08-27 17:16:43 +01:00
Max Kareta
63fb35af74
added uptime sanity check (#5108) 2018-08-27 17:00:40 +01:00
Max Kareta
5dc0e5a7d5
added integration tests target and helper functions to tests table sanity (#5107) 2018-08-27 15:25:28 +01:00
Allan Liu
a17d6b5963 SMBIOS oem_strings table (#4849) 2018-08-22 20:02:40 -04:00
Teddy Reed
affb48f7db
deps: Update Vagrant macOS target to 10.13 (#5073) 2018-08-22 20:00:58 -04:00
Giorgi Guliashvili
5f9552fa0e
writeTextFile optional mode argument (#5081) 2018-08-22 14:23:01 +01:00
Alexander
c5b8ee2d58
Fix up usage of debug_only::Var in expected assign operator (#5085) 
debug_only::Var debug version doesn't have assign operator
 2018-08-22 13:27:24 +01:00
Alexander
b6edf00892
Make error messages in Expected check different to distinguish problems (#5088) 
Make error messages in Expected check different to know for sure which check is failed.
 2018-08-22 13:26:55 +01:00
Giorgi Guliashvili
2a9a9ef666
cleanup after the primary logger concept removal (#5089) 2018-08-22 01:58:00 +01:00
Giorgi Guliashvili
81d53394fa
unused code after refactor (#5083) 2018-08-21 21:25:48 +01:00
Giorgi Guliashvili
dc3bb9ebba
remove unused force_permissions (#5080) 2018-08-21 20:58:52 +01:00
Max Kareta
cbfcd875cd
disk_encryption macOS, fix for issue #4658 (#4691) 2018-08-21 18:45:56 +01:00
Filipe Manco
d0486499ea
Log when an extension is registered or dies (#5076) 2018-08-21 10:31:20 +01:00
Giorgi Guliashvili
fa98cd5cc6
get rid of aliased flag log_result_events (#4970) 2018-08-20 20:42:40 +01:00
Giorgi Guliashvili
b30af3b6f2
remove primary logger concept (#4969) 2018-08-20 20:38:26 +01:00
Giorgi Guliashvili
77b0dbffa7
Match how logger_min_status works to doc (#4977) 2018-08-20 15:37:33 +01:00
Giorgi Guliashvili
13bdf72682
default logtostderr to true (remove logStderrOnly) (#4971) 2018-08-20 15:36:52 +01:00
Giorgi Guliashvili
5314fc6034
Match how logger_min_stderr works to doc (#4978) 2018-08-20 15:11:29 +01:00
Filipe Manco
2f50d1a13d Correct --enable_extensions_watchdog description (#5066) 2018-08-20 14:35:26 +01:00
Adrien Schildknecht
a86603e9fd route table: get the value of the MTU on Linux (#4981) 2018-08-20 14:27:37 +01:00
Giorgi Guliashvili
561fda3aa0
config backup (#4935) 2018-08-20 14:24:24 +01:00
Giorgi Guliashvili
84698b3e84
get rid of alias verbose_debug and debug (#4972) 2018-08-20 14:17:03 +01:00
Max Kareta
78ba6e0e62
rocksdb implementation part (#4912) 2018-08-20 12:49:56 +01:00
Teddy Reed
512f775c58
Remove boost SHA1 UUID dependency (#5070) 2018-08-19 21:55:00 -04:00
Jonathan Keljo
c9736efe6b Reorder hashes in the ssdeep-cpp formula so that macOS doesn't pick the Linux one (#4975) 
See #4855
 2018-08-17 08:02:52 -04:00
ryandeivert
68be4f10fa [aws] adding aws proxy support in ClientConfiguration (#4850) 2018-08-17 10:25:10 +01:00