valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 18:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,145 Commits 2 Branches 109 Tags 25 MiB
6bd6fce8f5
Commit Graph

629 Commits

Author SHA1 Message Date
mike@arpaia.co
6279f5cb96 setting property to null in the event that the property type is unknown 2014-08-26 14:58:10 -07:00
mike@arpaia.co
df580161f8 fixing leak of pids in listening_ports.cpp 2014-08-26 14:53:56 -07:00
mike@arpaia.co
3d3271a625 kextstat allocation clarity 2014-08-26 13:34:08 -07:00
mike@arpaia.co
7e3a2772a2 autorelease whaaaaaat 2014-08-26 11:39:27 -07:00
mike@arpaia.co
15519b348e Adding LaunchDaemon and flagfile to the repo/package 2014-08-26 11:26:52 -07:00
Teddy Reed
02fc4538d7 [Fix #66] Moving not_valid fields in cacerts to std string 2014-08-22 23:14:44 -07:00
Teddy Reed
f461605b94 [vtable_interfaces] Add interface_{details, addresses} vtables 2014-08-21 18:49:15 -07:00
mike@arpaia.co
c9fb930ee4 OS specific table specs directory structure 2014-08-20 01:14:20 -07:00
mike@arpaia.co
807a3617c2 Removing example table 2014-08-19 21:49:42 -07:00
Mike Arpaia
f08ab26841 Merge pull request #60 from facebook/vtable_routes 
[vtable_routes] Added vtable for various network routes
 2014-08-19 21:46:36 -07:00
Teddy Reed
42d7f982e9 [vtable_routes] Added vtable for various network routes 2014-08-19 21:39:16 -07:00
mike@arpaia.co
fbc37d9399 clang-format on objective-c++ files 2014-08-19 20:18:49 -07:00
Mike Arpaia
b8e823f190 Merge pull request #58 from facebook/plist_parsing 
fixing an issue with json serializing raw data attributes in plists
 2014-08-19 20:09:14 -07:00
mike@arpaia.co
745b74c7de fixing an issue with json serializing raw data attributes in plists 2014-08-19 18:54:03 -07:00
Teddy Reed
95ceb21ec5 [vtable_listening_ports] Listening sockets, IPv4, IPv6 2014-08-19 15:25:16 -07:00
Teddy Reed
444cea0649 [vtable_cacerts] New CA certificates table. 2014-08-19 13:47:09 -07:00
mike@arpaia.co
3760e4cce5 Apple virtual table for LaunchAgents and LaunchDaemons 2014-08-15 13:46:09 -07:00
mike@arpaia.co
9973335e49 OS X virtual tables for currently installed applications 2014-08-15 12:58:19 -07:00
mike@arpaia.co
e723306c13 Ran clang-format across the codebase 2014-08-15 12:29:51 -07:00
mike@arpaia.co
f1b0bef782 listFilesInDirectory 2014-08-14 16:27:20 -07:00
mike@arpaia.co
f6e6629d98 fixing include path in osx_version.mm 2014-08-14 11:35:30 -07:00
Mike Arpaia
3161e8cfeb Merge pull request #48 from facebook/firewall 
Virtual table for Apple's application level firewall
 2014-08-14 11:33:53 -07:00
mike@arpaia.co
1a381e0feb Virtual tables for Apple's application level firewall 2014-08-14 11:33:20 -07:00
mike@arpaia.co
2311022e7f moving cocoa backports to core/osx 2014-08-13 23:20:58 -07:00
mike@arpaia.co
826f9d9905 adding an example of what happens when you pt::ptree::get something that doesn't exist 2014-08-13 12:12:24 -07:00
mike@arpaia.co
7d1ce83183 fixing the unit test in filesystem 2014-08-13 11:55:29 -07:00
Mike Arpaia
5f9a24202f Merge pull request #42 from facebook/kexts 
Loaded kernel extensions vtable
 2014-08-13 11:49:48 -07:00
mike@arpaia.co
e2bd07008d [kextstat] osquery virtual table which uses the Core Foundation APIs to 
expose kernel extension information.

For information about memory managament in Core Foudnation, see:
https://developer.apple.com/library/ios/documentation/CoreFoundation/Conceptual/CFMemoryMgmt/Concepts/Ownership.html#//apple_ref/doc/uid/20001148-103029
 2014-08-13 11:48:53 -07:00
Mike Arpaia
702d53af10 Merge pull request #47 from facebook/system_version 
osx_version table which exposes the major, minor and patch version of the operating system
 2014-08-13 11:44:14 -07:00
Mike Arpaia
609f0bbf07 Merge pull request #46 from facebook/plist_parsing 
property list parsing with native C++ data types
 2014-08-13 11:43:27 -07:00
mike@arpaia.co
b65f96d666 osx_version table which exposes the major, minor and patch version of 
the operating system
 2014-08-13 11:02:17 -07:00
mike@arpaia.co
3b85618ae0 property list parsing with native C++ data types 2014-08-13 11:00:28 -07:00
Teddy Reed
1b6ef08611 Silencing various compiler errors for goto statements. 2014-08-13 08:56:39 -07:00
Mike Arpaia
25ecc35a98 Merge pull request #44 from facebook/vtable_nvram 
[vtable_nvram] Added NVRAM variables vtable (name, variable type, value).
 2014-08-12 18:09:31 -07:00
Teddy Reed
83dc09bca3 [vtable_nvram] Various code cleanups 2014-08-12 11:43:38 -07:00
Teddy Reed
1888150596 [vtable_nvram] Added NVRAM variables vtable (name, variable type, value). 2014-08-12 00:02:38 -07:00
mike@arpaia.co
845cb6ef3b more sane formatting by default in the repl 2014-08-11 22:38:51 -07:00
mike@arpaia.co
2862407079 fixing a spacing issue in the repl so that multi-line SQL statements are aligned properly 2014-08-11 21:57:16 -07:00
mike@arpaia.co
e7a65b21c7 readline support in the repl 2014-08-11 21:55:45 -07:00
mike@arpaia.co
2a571d8aae making sure that database objects aren't built before rocksdb is 2014-08-11 18:03:25 -07:00
mike@arpaia.co
7a56756073 moving sqlite to third-party 2014-08-11 17:37:49 -07:00
mike@arpaia.co
9a9ae03506 renaming CMakeLists.txt 2014-08-10 02:07:15 -07:00
mike@arpaia.co
98942a7b3c whitespace inconsistency in base.h 2014-08-07 13:35:49 -07:00
mike@arpaia.co
b0a5c9cfe4 changing forward decl signature in unit test 2014-08-07 13:28:16 -07:00
mike@arpaia.co
968a8a8355 forward declarations in table files 2014-08-07 13:14:06 -07:00
mike@arpaia.co
a72e87805f adding objcxx support to tables 2014-08-06 17:42:35 -07:00
mike@arpaia.co
d32a7a8037 moving the example table to an examples directory 2014-08-06 16:33:54 -07:00
mike@arpaia.co
a453db8a09 merging etc_hosts with master 2014-08-06 16:26:33 -07:00
mike@arpaia.co
7d9dc341ce getting rid of bind1st and relevant headers 2014-08-06 16:24:44 -07:00
mike@arpaia.co
21afc0b75b raw string literals in etc_hosts test content 2014-08-06 16:08:16 -07:00
mike@arpaia.co
4bec86c534 zwass' comment on etc_host table 2014-08-06 15:55:46 -07:00
mike@arpaia.co
b048b699d4 a zwass special, unordered_set::find 2014-08-06 15:24:08 -07:00
mike@arpaia.co
64bf1db2fe more intelligent sizing of data structures 2014-08-06 15:17:51 -07:00
mike@arpaia.co
5a4517cfe6 removing range based for loop for pids and removing memsets for chars 2014-08-06 15:02:14 -07:00
mike@arpaia.co
a5edef6782 string::length instead of strlen 2014-08-06 14:13:37 -07:00
mike@arpaia.co
5863fb2948 unordered set 2014-08-06 14:09:37 -07:00
mike@arpaia.co
9cb52eb1e1 unordered_map and better logic around on_disk 2014-08-06 14:07:19 -07:00
mike@arpaia.co
e6a38a2b71 num_pids lower case and comment on negative pids 2014-08-06 13:58:23 -07:00
mike@arpaia.co
b0863e1af5 reorder of headers 2014-08-05 18:16:27 -07:00
mike@arpaia.co
32808d5830 moving processes table into systems dir 2014-08-05 18:14:32 -07:00
mike@arpaia.co
48c8ebed17 moving networking vtables into their own dir 2014-08-05 18:10:18 -07:00
mike@arpaia.co
ee3d9948ea removing generated code 2014-08-05 17:53:59 -07:00
mike@arpaia.co
14c20204a6 more columns 2014-08-05 17:53:59 -07:00
mike@arpaia.co
8b7282bd60 initial commit of processes table 
Tasks #31 and #14
 2014-08-05 17:53:59 -07:00
mike@arpaia.co
0a83a04b40 removing header 2014-08-05 17:42:25 -07:00
mike@arpaia.co
0e33308803 removing generated code 2014-08-05 17:42:24 -07:00
mike@arpaia.co
346b1f6497 unused headers 2014-08-05 17:42:24 -07:00
mike@arpaia.co
1a114c4f18 bug fixes 2014-08-05 17:42:24 -07:00
mike@arpaia.co
7b3de7a3eb implementation for /etc/hosts vtable 2014-08-05 17:42:24 -07:00
mike@arpaia.co
0c1e7de598 virtual table structure for #25, the /etc/hosts vtable 2014-08-05 17:42:24 -07:00
mike@arpaia.co
7c81d42de5 reordering includes in cpp files 2014-08-05 17:37:04 -07:00
mike@arpaia.co
ec30260f37 core/status to status and header cleanup 2014-08-05 16:13:55 -07:00
mike@arpaia.co
dbf09752e9 moving manual tables into their own directory 2014-08-05 10:54:14 -07:00
mike@arpaia.co
7bc43dfe93 removing generated code 2014-08-05 02:34:36 -07:00
mike@arpaia.co
e261f1b6d4 more cleanups 2014-08-05 02:21:24 -07:00
mike@arpaia.co
f7a88ad771 automatic table loading 2014-08-05 01:21:28 -07:00
mike@arpaia.co
b79599ea84 readFile function 2014-08-04 11:06:45 -07:00
mike@arpaia.co
4986fbea20 filesystem.h header 2014-08-02 11:28:38 -07:00
mike@arpaia.co
73a32b7294 Initial commit 2014-07-30 17:35:19 -07:00