Commit Graph

4456 Commits

Author              SHA1        Message  Date
Jonathan Keljo      1ea714a325  Plumb used columns into QueryContext; use that to make processes table more efficient on macOS (#4269)  2018-05-12 09:07:57 -07:00
James Jerger        a5df5acc01  Refactor tables to bail out early on error. Add encryption method to bitlocker_info. (#4337)  2018-05-11 22:57:16 -07:00
Nick Anderson       e50a38490b  bug: wait for service thread to finish before exiting with SCM (#4386)  2018-05-11 14:30:16 -07:00
Filipe Manco        74cee943f3  Handle placeholder hardware UUIDs (#4374)  2018-05-11 21:35:33 +01:00
Alexander           bfb6c13674  Add const qualifier to some Config methods (#4383)  2018-05-11 09:36:48 +01:00
Andrew Guthrie      a6064cf247  NPM Packages Table on Linux (#4315)  2018-05-10 19:11:30 -07:00
Howard Griffith     78e039fbf0  packs: Adding ColdRoot RAT to osx-attacks detection list (#4377)  2018-05-10 15:14:47 -07:00
Steve Brito         8c22b59538  Add manufacturer and service to interface_details table for Windows (#4376)  2018-05-09 18:07:07 -07:00
Alexander           1a48150be0  Pass name of query to lambda in Config::scheduledQueries by value (#4367)  2018-05-09 14:56:19 +01:00
Nick Anderson       4125297158  tables: adds a Powershell events table to Windows (#4351)  2018-05-07 10:26:43 -07:00
Rich5               aea381e147  Correct process uid for user name mapping and added is_elevated_token column (#4369)  2018-05-06 20:14:59 -07:00
Jonathan Keljo      45b0286c4f  [darwin] Fix a variety of small bugs in system_controls (#4328)  2018-05-06 20:59:03 -04:00
Mitchell Grenier    192ccaeaed  New ATC Tables (#4271)  2018-05-04 13:54:14 -07:00
Jonathan Keljo      4ed6a22a4b  Fix an old regression in processes table on macOS (#4254)  2018-05-04 18:18:59 +01:00
Nick Anderson       5073348d2f  release: adding Windows links to release script (#4366)  2018-05-03 16:50:56 -07:00
Mitchell Grenier    30a10db1a3  macOS usb_devices slight code adjustment (#4365)  2018-05-03 14:33:46 -07:00
barn-stripe         2e72f9f20a  Fix USB class/subclass IDs on darwin (#4363)  2018-05-03 21:56:04 +01:00
Nick Anderson       81751e5526  bug: do not block hashing file read on posix (#4356)  2018-05-03 10:38:06 -07:00
Nick Anderson       d10dbb3caa  tables: updating confusing info messages for interface details table (#4215)  2018-05-03 10:34:33 -07:00
Soukaina NAIT HMID  2ac7dc6b64  recover interface flags (#4303)  2018-05-03 18:14:36 +01:00
Filipe Manco        446ae4c366  Add namespaces to processes table on linux (#4263)  2018-05-03 18:12:53 +01:00
Filipe Manco        96a5bdde7f  Remove --logger_min_stderr from service files (#4361)  2018-05-03 16:56:55 +01:00
Mitchell Grenier    5bd021a84f  Cups Jobs and Cups Destinations (#4278)  2018-05-02 15:03:17 -07:00
Mitchell Grenier    8d16ae3887  Add an mdfind table to macOS (#4313)  2018-05-02 10:58:12 -07:00
Nick Anderson       6eb695bf9b  service: add full path for service binary (#4316)  2018-05-01 20:47:22 -07:00
Teddy Reed          f5abb45919  Fast code audit for flags and dispatcher (#4355)  2018-05-01 22:47:01 -04:00
Teddy Reed          eb4460dc8e  Use shadow-all instead of shadow for more GCC parity (#4353)  2018-05-01 22:17:53 -04:00
Florian Klink       d102b1754b  tools/get_platform.py: add support for nixos (#4267)  2018-05-01 21:58:03 -04:00
Filipe Manco        161653b2b4  Make options parser ignore invalid options (#4345)  2018-05-01 21:55:33 -04:00
Teddy Reed          e34a558e7b  Separate general hashing methods from table implementation (#4350)  2018-05-01 21:54:23 -04:00
Teddy Reed          0625657dc6  Remove clang pragmas from tables.h (#4352)  2018-05-01 21:50:11 -04:00
Erick Cheng         5e1a92375f  packs: Update unwanted-chrome-extensions.conf (#4332)  2018-05-01 16:47:05 -07:00
Teddy Reed          97dae5a56e  sync: Fix sync to handle new fbthrift refactor (#4349)  2018-05-01 19:04:46 -04:00
Nick Anderson       8158f090f8  style: fixing WEL parsing ternary (#4346)  2018-05-01 12:28:30 -07:00
Jonathan Keljo      7a7c43dbe2  Enable query planner to understand CAST statements (#4326)  2018-05-01 12:24:10 -07:00
Teddy Reed          349f401161  Move singleton accessors into implementations (#4347)  2018-05-01 14:56:51 -04:00
Zac Brown           e1534bb3c8  bug: Fix parsing of EventData block for Windows Events. (#4321)  2018-05-01 10:37:58 -07:00
Chris Long          fa487de584  packs: Updating reverse shell query in osx-attacks (#4255)  2018-05-01 10:37:25 -07:00
Filipe Manco        d706f6b52d  Fix init when using fbthrift (and folly) (#4343)  2018-05-01 13:27:55 -04:00
Filipe Manco        c12895c5ae  Fix registry locking for plugin method (#4341)  2018-05-01 13:27:04 -04:00
Teddy Reed          7919791637  fbthrift: Second set of Apache and FbThrift refactors (#4312)  2018-05-01 13:26:10 -04:00
Eitan Adler         cbb22c887f  Remove extraneous letter from CLI flags (#4334)  2018-04-27 14:14:57 -07:00
Mitchell Grenier    c646139e97  Fix a unicode parsing error (#4310)  2018-04-25 15:12:01 -07:00
Yuan Lei            8c9900008d  bug: fix fail to read yum sources (#4284) (#4327)  2018-04-25 12:12:08 -07:00
Nick Anderson       6ba14264e7  bug: fix handle leaks in Windows process functions (#4323)  2018-04-24 14:48:51 -07:00
Nick Anderson       e99351191e  tests: cleaning up windows service tests (#4324)  2018-04-24 14:45:55 -07:00
Mitchell Grenier    592f7d9fa8  bug: convert empty ptree json to empty RJ lists for db upgrades (#4325)  2018-04-24 13:39:22 -07:00
Nick Anderson       c0fd453504  readme: fixed link for windows 2016 builds (#4319)  2018-04-23 16:16:56 -07:00
Mitchell Grenier    44c0b03702  Fix a memory leak in the sip_config table (#4305)  2018-04-20 13:52:24 -07:00
Nick Anderson       305108155a  bug: handle windows service shutdowns gracefully (#4286)  2018-04-18 07:51:04 -07:00