valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 02:18:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
2,552 Commits 2 Branches 109 Tags 25 MiB
51fd73c449
Commit Graph

525 Commits

Author SHA1 Message Date
Teddy Reed
fbc8fb92dc Allow --config_dump with watcher 2015-12-14 16:19:37 -08:00
Teddy Reed
1636abeed6 Update Fedora to use dnf, RocksDB to 4.1 2015-12-14 15:24:11 -08:00
Teddy Reed
2fe800d9b8 Add ASAN blacklists for GFlags and RocksDB 2015-12-14 15:09:46 -08:00
Teddy Reed
9d394065e3 [#1636] Add simple sharding to packs and pack queries 2015-12-10 10:01:53 -08:00
Teddy Reed
b88d6816f3 Additional TSK tables 2015-12-07 08:36:22 -08:00
Teddy Reed
c020bb87b4 Merge pull request #1705 from theopolis/dump 
[#1702] Add config and database dumping to stdout
 2015-12-06 21:41:31 -08:00
pathcl
6c8cc20117 PEP8 Compliance && Python 3.X compatibility 
Signed-off-by: Teddy Reed
Merge-conflicts-by: Teddy Reed

Closes: #1586
 2015-12-06 20:57:30 -08:00
Teddy Reed
9ebd292eb6 [#1648] Support multiple loggers 2015-12-06 11:10:10 -08:00
Teddy Reed
fef53fa0d0 Add config and database dumping to stdout 2015-12-06 11:01:26 -08:00
Teddy Reed
1acba4dfa6 Merge pull request #1700 from theopolis/tsk2 
TSK integration and example tables
 2015-12-04 11:26:03 -08:00
Teddy Reed
f687a84840 [Fix #1689] Remove C-style comments from config examples 2015-12-04 11:08:54 -08:00
Teddy Reed
373ce339dc TSK integration and example tables 2015-12-04 11:08:51 -08:00
Teddy Reed
e5bc6410ba Merge pull request #1697 from theopolis/fix_1660 
[Fix #1660] Prevent spurious NETLINK recv retries
 2015-12-02 23:56:39 -08:00
Teddy Reed
4dc6b9f0a3 [Fix #1660] Prevent spurious NETLINK recv retries 2015-12-02 23:33:20 -08:00
Teddy Reed
ffb5b7020e [Fix #1693, #1527] Add osquery-specific query planner output 2015-12-02 19:57:24 -08:00
Mykola Kokalko
652e5a24f3 [Fixed] build for lucid 
[Added] python packages which are not installable via pip on lucid

[Moved] installing latest bison and openssl right before thrift building for lucid

[Fixed] package bison installation for not lucid

[Added] OpenSSL dependency for lucid

[Changed] prefix to /usr/local

[Fixed] wrong file for checking if dependency is intalled
 2015-11-30 17:49:31 +01:00
Teddy Reed
44286eb611 Add hardware/internal (monitoring) packs and reduce FPs, duplicate queries 2015-11-26 16:00:53 -08:00
Teddy Reed
204b16a946 Merge pull request #1675 from theopolis/planner_or 
Fix constraints stacking
 2015-11-24 12:25:15 -08:00
Teddy Reed
3221fbd9b3 Fix constraints stacking 2015-11-22 22:53:23 -08:00
Teddy Reed
a3a05e7e1e [#1527] Add a --profile option to the shell, replace 'run' 2015-11-21 22:45:40 -08:00
Teddy Reed
98f212e7a9 Add a SQLite query planner for type detection 2015-11-15 13:56:16 -08:00
Teddy Reed
cef8f59054 Merge pull request #1639 from theopolis/cache 
Table results caching
 2015-11-14 16:22:24 -08:00
Teddy Reed
e1d7511600 Remove column type string representations 2015-11-14 15:57:30 -08:00
Teddy Reed
c2be670806 Table results caching 
1. Table implementations (spec files) can mark the table as 'cachable'.
2. Cached results depend on the shortest/quickest interval of scheduled
queries that act on results of the table.
3. The table API generator blocks caching on index/additional/required
table column options.
 2015-11-14 15:57:23 -08:00
Andrew Dunham
4ccdcc7864 Allow setting the mode of log files 
This also sets the appropriate flags in glog
 2015-11-11 11:37:55 -08:00
Teddy Reed
28bdcecc19 Custom flaky test marker 2015-11-08 02:29:49 -08:00
Teddy Reed
b29168a7b7 Use a null DB for the run test binary 2015-11-04 10:39:40 -08:00
Teddy Reed
5aa225d4c3 Merge pull request #1619 from sharvilshah/wifi 
Implement wifi_networks tables for OS X
 2015-11-02 16:11:21 -08:00
Teddy Reed
15215cdbc0 Add persistent splays 2015-11-02 14:10:04 -08:00
Teddy Reed
6aae4c9aa0 Fix tests and shell escape errors (faults) 2015-11-02 10:57:01 -08:00
Teddy Reed
50550e607a Build and provision edits for FreeBSD CI 2015-11-02 01:47:09 -08:00
Sharvil Shah
9a6d6d1293 Implement wifi_networks tables for OS X 
If the option of remembering known Wi-Fi networks is enabled on a system,
they are persisted to disk as a preferences property list file.
This table is populated by parsing that file.
 2015-11-01 16:53:51 -08:00
Teddy Reed
6a07135648 Passing clang Address/Leak Sanitize version 3.7 2015-11-01 04:00:21 -08:00
Teddy Reed
cd8f42844a Mark flaky integration tests 2015-10-28 09:40:17 -07:00
Teddy Reed
8ca2925ef0 [Fix #1583] Require osqueryd to have R/W access to RocksDB 2015-10-27 16:09:24 -07:00
Teddy Reed
654830cf11 Merge pull request #1594 from rcseacord/additional-sign-fixes 
eliminated some warnings from Clang 3.7 analyze mode
 2015-10-23 13:03:54 -03:00
Robert C. Seacord
1d9695ac31 eliminated some warnings from Clang 3.7 analyze mode 2015-10-21 06:02:58 +00:00
Teddy Reed
7ba87a88bb Merge pull request #1585 from rcseacord/additional-sign-fixes 
Additional sign fixes
 2015-10-19 11:25:18 -07:00
Scott J Roberts
1258800279 basic flag added 
wrong thing on the clipboard

updated to ProgramArguments vs Program per theopolis
 2015-10-19 11:56:12 -04:00
Robert C. Seacord
acb2f6f628 eliminating diagnostics, mostly for comparisons between signed and unsigned operations 2015-10-16 16:10:37 +00:00
Teddy Reed
c26f7bf8da Merge pull request #1565 from PickmanSec/master 
added comment parsing for profile.py
 2015-10-15 12:19:59 -07:00
Teddy Reed
2e7415f871 Convert wiki to UNIX format and refresh most content 2015-10-15 12:18:16 -07:00
Michael George
ed00e54aa7 added comment parsing 
added packs to profiling

added comment scrubing.
 2015-10-14 17:04:38 -07:00
Luis San Martin
0f0d873a96 sudo added as requeriment 2015-10-14 20:05:12 -03:00
Teddy Reed
1c12d274f4 Minor fix, return an empty query data 2015-10-13 09:25:10 -07:00
Teddy Reed
0440bb970f Fix test_5_daemon_sigint, and hardware_events tests 2015-10-13 08:40:23 -07:00
Javier Marcos
7442392c7f Fixing default configuration syntax, trailing comma 2015-10-09 14:50:00 +02:00
Mike Arpaia
5789d889f4 Merge pull request #1538 from marpaia/discovery_queries 
[fix #1536] Schedule iteration pass-by-reference
 2015-09-30 15:50:05 -07:00
Mike Arpaia
65df593d33 [fix #1536] Schedule iteration pass-by-reference 
There was a bug in the `osquery::Schedule` container object such that,
when the iteration through the schedule occured, pack objects were being
passed by value (copied) instead of passed by reference. Thus, the
discovery query would be executed, the object's cache would be updated,
and then the object would go out of scope and be destructed, thus
leaving the original object without ever having ran the discovery query.
This caused discovery queries to thrash. Bad times.

I added a new test so that we don't regress here as well as const'd a
few functions that should have been const in `osquery::Pack`.
 2015-09-30 15:41:43 -07:00
Teddy Reed
ad4b41cb84 Merge pull request #1524 from mathieuk/build_on_debian_wheezy_with_benchmark_change 
Build on debian wheezy with recent changes
 2015-09-30 13:32:55 -07:00