valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 09:58:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,874 Commits 2 Branches 109 Tags 25 MiB
59437ee9a5
Commit Graph

310 Commits

Author SHA1 Message Date
Alexander Kindyakov
59437ee9a5 std::getenv doesn't work for windows sometimes, let's use osquery::getEnvVar instead 
Reviewed By: jessek

Differential Revision: D14065193

fbshipit-source-id: 62523b183a87dc8d49eee6e4146cf41825baceeb
 2019-02-13 10:55:34 -08:00
George Guliashvili
758706331f Remove unused flag enable_monitor 
Summary: Removing flag which was declared but never used. enable_monitor

Reviewed By: marekcirkos

Differential Revision: D13958265

fbshipit-source-id: 3a812330950b101abdbd83ada4afd5b262cabd26
 2019-02-07 08:16:00 -08:00
Max Kareta
8e81e5b259 fixed last gtest direct dependency 
Summary: Another fix for multiple mains in osqueryd binary

Reviewed By: guliashvili

Differential Revision: D13901871

fbshipit-source-id: 8802bf8a9de6c333b6c592195435071fcc1b57ca
 2019-02-05 03:18:49 -08:00
Alexander Kindyakov
79cd575790 Make message realated methods of class Error shorter and less diverse (#5410) 
Summary:
Pull Request resolved: https://github.com/facebook/osquery/pull/5410

 - get rid of *Short* methods
 - getFullMessage -> getNonRecursiveMessage
 - getFullMessageRecursive -> getMessage

Reviewed By: mkareta

Differential Revision: D13897854

fbshipit-source-id: 3e97ceefb2a48a16cd400f7ba7dd730724957ef0
 2019-02-01 07:33:53 -08:00
Max Kareta
188a229d8c fixed double main function 
Summary: before this diff osqueryd was relying on linker order to use right main function, since gtest also contains main function

Reviewed By: guliashvili

Differential Revision: D13897622

fbshipit-source-id: d260b7496f513c7052f4db87c8e7ff9300493671
 2019-01-31 15:09:12 -08:00
George Guliashvili
11cc046992 Add pack name in the ScheduledQuery 
Reviewed By: SAlexandru

Differential Revision: D13859408

fbshipit-source-id: 74ddf8e308aca01df17ec96ce095c0b963740e08
 2019-01-30 06:50:07 -08:00
Filipe Manco
a67525fae1 Fix LICENSE information on file headers (#5375) 
Summary:
Pull Request resolved: https://github.com/facebook/osquery/pull/5375

LICENSE is now defined in a single file on the root of the project, update the
header to contain that information.

**Project LICENSE did not change.**

Reviewed By: akindyakov

Differential Revision: D13750575

fbshipit-source-id: 1e608a81b260b8395f9d008fc67f463160c1fc2b
 2019-01-21 11:51:54 -08:00
George Guliashvili
d498bcbd65 unique target names for xcode (#5328) 
Summary:
Pull Request resolved: https://github.com/facebook/osquery/pull/5328

xcode needs unique target names to properly parse buck generated project

Reviewed By: marekcirkos

Differential Revision: D13487400

fbshipit-source-id: cf0c76145344d0873a0973e226d007597a06d17d
 2019-01-16 12:28:04 -08:00
seph
637eb104b8 Spelling (#5256) 
Summary:
While running `misspell` on a different codebase. I happened to notice that some misspellings in the osquery code base. So, I fixed them
Pull Request resolved: https://github.com/facebook/osquery/pull/5256

Reviewed By: guliashvili

Differential Revision: D13670897

Pulled By: fmanco

fbshipit-source-id: 5d33d858284955c376e8c3980acdf366d4edf3d3
 2019-01-16 08:17:07 -08:00
Max Kareta
8c0c403796 fixed headers_namespace to match file path 
Summary: Some tools does not support virtual headers namespaces and expect header path to match actual file path from project root. This diff will fix few namespaces in utils library

Reviewed By: guliashvili

Differential Revision: D13552878

fbshipit-source-id: 2a06f73550c69777bf73be73abdde297fe580583
 2019-01-14 03:33:32 -08:00
Jeremy Calvert
80351aff7d Get rid of size field in QueryPerformance 
Summary: As discussed in [an old PR](37ffdf8a48 (r213278358)) this is of questionable benefit and will get complicated when we change to typed values, so dropping.

Reviewed By: guliashvili

Differential Revision: D13631227

fbshipit-source-id: ada9b5434297d8c1c4b3e3855fe595faf5937bf6
 2019-01-11 12:25:49 -08:00
Jonathan Keljo
b9f1e94fc8 Prefactor: QueryData -> TableRows for virtual tables 
Summary:
Continuing to march toward low-overhead, type-safe table rows, this commit introduces
a distinction between rows being returned from a table (`TableRows`) and as the
result of a query (`QueryData`). Right now the two are simply aliases for each other;
that will change shortly.

(Adapted from https://github.com/facebook/osquery/pull/5198)

Reviewed By: guliashvili

Differential Revision: D13438019

fbshipit-source-id: 6563fc8c372d9d6c4b05705943ddf39b42260feb
 2019-01-09 13:50:15 -08:00
Alexander Kindyakov
dcf27a5956 Fix up config/tests:test_config_update for windows 
Summary: It turns out we already fixed that old issue

Reviewed By: guliashvili

Differential Revision: D13376876

fbshipit-source-id: a7822a1c79aa180e40f7ce54faa7c811b0d1b24b
 2018-12-11 03:31:17 -08:00
George Guliashvili
971bee4441 Move build system to BUCK 
fbshipit-source-id: 8ffef5e6a393ac67ce56dcb74845402e43d964a0
 2018-12-07 16:12:35 +00:00
Giorgi Guliashvili
21228c3172
put config backup feature behind killswitch (#5100) 2018-08-27 17:16:43 +01:00
Giorgi Guliashvili
561fda3aa0
config backup (#4935) 2018-08-20 14:24:24 +01:00
Giorgi Guliashvili
84698b3e84
get rid of alias verbose_debug and debug (#4972) 2018-08-20 14:17:03 +01:00
Teddy Reed
512f775c58
Remove boost SHA1 UUID dependency (#5070) 2018-08-19 21:55:00 -04:00
Alexander
f850714642
Remove safeStrtol from conversion.h (use tryTo<long> instead) (#4768) 2018-08-10 11:05:57 +01:00
Giorgi Guliashvili
4b7e211965
pauseMili to pause transform (#4796) 2018-08-02 16:57:02 +01:00
Alexander
9e798eb162
Remove safeStrtoll from conversions.h and change all usecases to tryTo<> (#4754) 
Also I've used a throwning std::stoll because the tests should not be exception safety and must fail if something goes wrong.
 2018-07-26 10:57:52 +01:00
Giorgi Guliashvili
80bfef9f77
setThreadName boilerplate removal (#4749) 2018-07-23 19:50:35 +01:00
Mitchell Grenier
69d307b64c
Add labels for threads (#4295) 2018-07-23 11:13:43 -07:00
Teddy Reed
112a33ddc0
cleanup: Migrate calls to tryTo from 4683 (#4710) 2018-07-21 12:19:33 -04:00
Giorgi Guliashvili
94397d3c04
get rid of unnecessary ptree includes (#4727) 2018-07-19 10:45:40 +01:00
Giorgi Guliashvili
386ccb5e96
disable malfunctioning new features on the fly using killswitch (#4671) 2018-07-18 22:11:19 +01:00
Giorgi Guliashvili
61b66559fa
remove old version of schedule from the codebase and tests (#4707) 2018-07-14 19:18:28 +01:00
Teddy Reed
fa4f63fb84
tables: Remove lexical_cast include from tables (#4683) 2018-07-14 11:42:44 -04:00
Vova Mishatkin
0cc9b84e4f
Add tests for file_paths_query (#4693) 2018-07-11 18:29:55 +01:00
Teddy Reed
6d5f94b2c6
flags: Separate flags and flagalias (#4682) 2018-07-10 23:04:39 -04:00
Vova Mishatkin
dbac4ea67c
Add the ability to specify file_paths with sql queries (#4678) 2018-07-10 16:24:13 +01:00
Max Kareta
6ab2a83a61
Refactor/cmake 5 (#4642) 2018-06-26 16:54:08 +01:00
Alexander
f9e9fdb962 Remove unused unused mutex 'config_valid_mutex_' from config (#4637) 2018-06-26 16:01:28 +01:00
Filipe Manco
b67fc0eb28
Comment out unused parameter to make linter happy (#4606) 2018-06-19 22:02:32 +01:00
iBigQ
0bce73c846 Parse structured options as string (#4567) 
* Parse structured options as string

* Added option parsing test

* fix option json test

* fix formating
 2018-06-19 17:11:51 +01:00
Max Kareta
4b8d7f0c53
moved from file(GLOB); added CMAKE_CURRENT_LIST_DIR to support include syntax (#4582) 2018-06-18 14:24:20 +01:00
Filipe Manco
b512f4be6d
ATCPlugin fix ctor initialization order (#4540) 2018-06-13 17:17:28 +01:00
Alexander
4c2925743e If config update call from extension failed, do not go further (#4517) 2018-06-08 10:15:46 -07:00
Mitchell Grenier
6ea8ceb944
Allow ATC to ignore DB locking (#4414) 2018-06-06 12:30:31 -07:00
Alexander
e6f69e6480 Use std::vector instead of std::list for PackRef in Config implementation (#4485) 2018-06-04 09:46:54 -07:00
Alexander
a4ca8b1048
Rid off the shared_ptr using from config schedule (#4423) 
there is no reason to share this objects
 2018-06-04 10:34:32 +01:00
Max Kareta
5aca61375f
reorganized includes to improve compile time (#4445) 2018-05-30 00:17:40 +01:00
Filipe Manco
c485474ad6
Enable configure() calls on logger plugins (#4434) 2018-05-29 09:58:07 +01:00
Filipe Manco
67f95baf6e
Fix files with no new line at eof (#4426) 2018-05-24 20:12:31 +01:00
Alexander
8de02701f2 Apply const qualifier for Config::packs(...) method (#4387) 2018-05-18 18:37:33 +01:00
Teddy Reed
201dd6d940 packs: Fix blacklist option bool assumption (#4400) 2018-05-18 11:58:59 +01:00
Alexander
bfb6c13674 Add const qualifier to some Config methods (#4383) 2018-05-11 09:36:48 +01:00
Alexander
1a48150be0 Pass name of query to lambda in Config::scheduledQueries by value (#4367) 2018-05-09 14:56:19 +01:00
Nick Anderson
4125297158
tables: adds a Powershell events table to Windows (#4351) 2018-05-07 10:26:43 -07:00
Mitchell Grenier
192ccaeaed
New ATC Tables (#4271) 2018-05-04 13:54:14 -07:00