valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 18:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,219 Commits 2 Branches 109 Tags 25 MiB
6842797bf5
Commit Graph

1849 Commits

Author SHA1 Message Date
Teddy Reed
6842797bf5 Create temp directory and fail over to user home (#2529) 2016-09-26 23:44:50 -07:00
Teddy Reed
257535e5a2 Correct config-loaded meaning to be has-run-load (#2528) 2016-09-26 22:34:03 -07:00
Teddy Reed
4d1451c9b4 Add extensions SDK incompatibility checking (#2527) 2016-09-26 17:32:41 -07:00
Zachary Wasserman
9216ed8275 Make syslog rate limit configurable by flag (#2526) 2016-09-26 17:31:22 -07:00
Teddy Reed
7aa1762f52 Promote host UUID to version 2 (#2525) 2016-09-26 12:30:05 -07:00
Nick Anderson
3a351ebf43 Adding windows system_info virtual table (#2521) 2016-09-26 11:08:57 -07:00
Teddy Reed
17b89fc182 Refactor events and remove 10/3600 indexes (#2523) 2016-09-25 22:19:31 -07:00
Teddy Reed
97bc369b6a Attempt to query platform UUID on Linux (#2522) 2016-09-25 17:55:02 -07:00
Nick Anderson
8fd1ba9004 Adding the windows users virtual table (#2506) 2016-09-24 18:18:40 -07:00
Teddy Reed
64797ffadf Restrict regular file checking of TLS pinned cert to Windows (#2520) 2016-09-23 20:44:06 -07:00
yying
bb7d558681 Update service status to prevent "Terminated Unexpectedly" error (#2515) 2016-09-23 20:05:56 -07:00
lambda-conjecture
49d939b93d Fix update of event plugins when config fails to load at startup (#2507) 2016-09-23 19:30:33 -07:00
Nick Anderson
e167619bfa Adding kernel panics table (#2488) 2016-09-23 19:04:50 -07:00
Teddy Reed
bcd90070ae Remove time-override for events add API (#2508) 
This will remove the use of current time for syslog.time and introduce
a new column called 'datetime'.

Events now uses an "optimize_id" alongside "optimize" to prevent returning
colliding events added within the same second as the previous genTable call.
 2016-09-23 16:46:02 -07:00
Michael McGrew
30c17885ad New windows tables (#2451) 2016-09-23 14:33:44 -07:00
Jason Ogden
ee3ce66465 Extended crontab table to support files in /etc/cron.d/ (#2517) 
merge dis in
 2016-09-23 13:03:27 -07:00
Teddy Reed
62edfd46fe Toggle --utc to true (#2504) 2016-09-23 10:14:27 -07:00
Nick Anderson
83442532d7 Added flagfile to Windows service install (#2509) 2016-09-22 17:44:21 -07:00
Seshu Pasam
0f555c010d Use special base value of '0' that can handle values starting with 0x (#2505) 2016-09-22 13:32:45 -07:00
Nick Anderson
2626f8cf46 Fixed Thrift exit verbosity in Windows (#2500) 2016-09-21 18:54:03 -07:00
Teddy Reed
53b73d99c7 [Fix #2483] Lock registry manipulation while setting active plugins (#2499) 2016-09-21 18:04:58 -07:00
Teddy Reed
6ac58f17d6 Remove extensions retry and introduce watcher retry (#2498) 2016-09-21 16:17:30 -07:00
Teddy Reed
a6589c49e3 [Fix #2482] Use atomic member in Dispatcher tests (#2494) 2016-09-21 10:52:52 -07:00
yying
a7af70d021 Adding remote config/logging capabilities to Windows build (#2469) 2016-09-20 14:18:58 -07:00
Teddy Reed
ef10e93d60 Improve scheduled/differential query performance and logging (#2476) 2016-09-19 16:45:13 -07:00
Zachary Wasserman
9701c55d96 Add active column to osquery_packs table (#2475) 2016-09-19 13:00:11 -07:00
Nick Anderson
5877c3d464 Removing service start functionality (#2464) 2016-09-16 15:17:03 -07:00
Nick Anderson
386f123e03 Changing windows service name for parity with other platforms (#2465) 2016-09-16 15:16:48 -07:00
Bryon Gloden, CISSP®
0ef69c6b1d [windows] fix deallocation mismatches (#2468) 2016-09-15 15:13:05 -07:00
Teddy Reed
366b5f08ca Limit Linux package dependencies (#2463) 2016-09-14 10:31:21 -07:00
Teddy Reed
c7ee4f9ca4 Add librpm build and RPM tables (#2456) 2016-09-12 22:43:36 -07:00
Teddy Reed
53364b3cb5 Check for plist existance before attempting parsing (#2450) 2016-09-12 22:41:23 -07:00
Teddy Reed
a6ea7d6f6e Fix potential cast issue in memory_info (#2457) 2016-09-12 22:40:51 -07:00
Mitchell Grenier
072a93ccac Accelerated checkins (#2454) 2016-09-12 16:53:42 -07:00
yying
a27d6567e4 Core and Additional Tests (#2441) 2016-09-12 09:46:52 -07:00
Teddy Reed
817cb7ebd4 Fix minor sandboxes performance issues and plist parsing exceptions (#2455) 2016-09-09 19:45:37 -07:00
Nick Anderson
5060392b06 Multiple bug fixes in crashes (#2447) 2016-09-09 15:10:11 -07:00
Teddy Reed
71fff517e5 Add warning for event-based table without events (#2449) 2016-09-08 15:44:32 -07:00
Mitchell Grenier
61c9da1c42 Buffer the distributed queries to RocksDB for greater reliability (#2452) 2016-09-08 15:40:14 -07:00
Nick Anderson
467f9b3409 Adding Bool and String Array WMI Wrapper functions (#2430) 2016-09-07 18:04:33 -07:00
Teddy Reed
ea9ef3211c Change schedule and distributed log execution status text (#2445) 2016-09-07 15:35:28 -07:00
Teddy Reed
1bc52f8a50 [Fix #2443] Restore shellstaticFunc argument names (#2444) 2016-09-07 14:28:56 -07:00
Nick Anderson
01011f4d0f Fixed bug in MULTI_SZ processing (#2439) 2016-09-06 16:41:57 -07:00
Teddy Reed
81d8a4aa68 Emit warnings for improper 'osquery' table usage (#2432) 2016-09-02 19:13:37 -07:00
yying
84e6a3401a Reducing compiler warnings and fails on warn in VS (#2433) 2016-09-02 15:04:03 -07:00
Nick Anderson
7c90823a0c Upgrade LLVM to 3.8.1 on Linux (#2436) (#2435) 2016-09-02 14:53:04 -07:00
Teddy Reed
b61bbdbae3 Remove OpenSSL and cpp-netlib old version exceptions (#2413) 2016-08-31 17:32:50 -07:00
yying
d347c847e1 Support for extensions (#2363) 2016-08-31 16:45:06 -07:00
Teddy Reed
65dd56e113 Introduce table 'attributes' (#2431) 2016-08-31 15:32:20 -07:00
Teddy Reed
d6e20279d8 Use LOG(INFO) and set INFO as default logging mode (#2420) 
This is fairly important, it changes the default mode for what status
events are logged to INFO. It had been set to WARNING and INFO was relatively
unused.

This also removes expected support for RocksDB 'in-memory' databases.
If a shell-user requests a database via CLI flags it will now work.
 2016-08-31 15:09:01 -07:00