Commit Graph

708 Commits

Author SHA1 Message Date
Mike Arpaia
6f6e4bfeca Merge pull request #397 from facebook/host-identifier
Added --host_identifier option
2014-11-10 16:52:01 -05:00
Bryan Eastes
ec081c9a54 Added --host_identifier option
Conflicts:
	osquery/core/system.cpp
2014-11-10 16:41:13 -05:00
Teddy Reed
08bbd47a02 Merge pull request #396 from theopolis/feature-vtable-blacklist
Support USE_BLACKLIST=1 to remove tables from release
2014-11-10 13:32:01 -08:00
Teddy Reed
8b1af689db Blacklist is now on by default 2014-11-10 13:30:38 -08:00
Teddy Reed
177229ead1 Add queries_from_config to profile 2014-11-10 13:30:38 -08:00
Teddy Reed
050e942d11 Support USE_BLACKLIST=1 to remove tables from release 2014-11-10 13:30:38 -08:00
Mike Arpaia
cbe56931ef Merge pull request #287 from astanway/master
Socket_inode and port_inode tables to map PIDs->ports via netlink inet_diag
2014-11-10 16:15:46 -05:00
mike@arpaia.co
9effc14903 FindBoost is busted 2014-11-10 16:14:48 -05:00
Abe Stanway
6a6dc8f997 linux-headers-generic 2014-11-10 15:02:31 -05:00
Abe Stanway
811d98c595 free(linkname) and no more 'self' 2014-11-10 15:02:31 -05:00
Abe Stanway
30149a70f9 Updated 2014-11-10 15:02:31 -05:00
Abe Stanway
322fde0121 Socket_inode and port_inode tables to map PIDs->ports via netlink inet_diag
Example query:
```
SELECT port.local_port,
       port.remote_port,
       port.local_ip,
       port.remote_ip,
       socket.pid,
       process.name,
       process.cmdline,
       process.path
       FROM socket_inode AS socket
       JOIN port_inode AS port
       ON socket.inode = port.inode
       INNER JOIN processes AS process
       ON socket.pid = process.pid;
```
2014-11-10 15:02:31 -05:00
Teddy Reed
86d2ac208b Use leaks for OSX memory leak profiling 2014-11-10 11:34:17 -08:00
Mike Arpaia
3245e5a6cd Merge pull request #394 from wizzat/process_args
Add cmdline to darwin
2014-11-10 13:20:47 -05:00
Teddy Reed
19aa99583e Linux processes vtable use freeproc 2014-11-10 10:12:47 -08:00
Mark Roberts
dc1684fca7 Add cmdline to darwin 2014-11-10 09:36:17 -08:00
mike@arpaia.co
bd4d1dfc0f Removing superfluous logging from DBHandle. close #387 2014-11-10 12:15:35 -05:00
Teddy Reed
22cf9909ec [Fix #388] Check for 0 in profile tooling 2014-11-10 02:03:58 -08:00
Teddy Reed
bc05f5de78 Merge pull request #383 from theopolis/fix_rpm_packages
[Fix #367] Check RPMTAG class before cast
2014-11-10 01:59:13 -08:00
Teddy Reed
b0ff403d3d Fixing librpm API usage leaks 2014-11-10 01:48:07 -08:00
Teddy Reed
b2e806e453 Merge pull request #384 from ga2arch/stringstream
read the file directly into a stringstream buffer
2014-11-09 13:30:22 -08:00
Teddy Reed
ea0d210ad3 Fix newline warning in flags 2014-11-09 13:24:57 -07:00
Gabriele Carrettoni
77b521ce7b read the file directly into a stringstream buffer 2014-11-09 16:57:35 +01:00
Teddy Reed
b77406b122 [Fix #367] Check RPMTAG class before cast 2014-11-09 02:07:49 -08:00
Teddy Reed
84cc45a366 SQLite DBfile not needed 2014-11-09 01:01:17 -08:00
Teddy Reed
d7a76c6dc9 Merge pull request #381 from theopolis/feature-build-improvements
Feature build improvements
2014-11-09 00:01:19 -08:00
Teddy Reed
f7667ec440 Remove Threads requirement, cleanup flags 2014-11-09 00:00:57 -08:00
Teddy Reed
078d4cf7d2 Refactor shell flags/versioning 2014-11-08 20:27:28 -08:00
Teddy Reed
62d6472cfe Rethinking some build improvements 2014-11-08 19:28:35 -08:00
Teddy Reed
82a082e20e Merge pull request #380 from ga2arch/unique_ptr
use unique_ptr instead of raw pointer
2014-11-08 19:27:49 -08:00
Gabriele Carrettoni
848bd4d96e use unique_ptr instead of raw pointer 2014-11-09 02:23:19 +01:00
Mike Arpaia
2db0fd60f7 Update README.md 2014-11-07 17:33:02 -08:00
Mike Arpaia
ef8c4e26fd Delete .travis.yml 2014-11-07 17:32:47 -08:00
Mike Arpaia
408ca5ee77 Merge pull request #378 from vlajos/typofixes-vlajos-20141107
typo fixes - https://github.com/vlajos/misspell_fixer
2014-11-07 14:58:28 -08:00
Veres Lajos
afc82c722f typo fixes - https://github.com/vlajos/misspell_fixer 2014-11-07 22:18:02 +00:00
Teddy Reed
2db0ac6fd9 Merge pull request #375 from facebook/feature-perf-tooling
[tools] Performance monitoring tooling
2014-11-07 08:08:38 -08:00
Mike Arpaia
6a64600b43 Merge pull request #374 from LTD-Beget/gonna_catch_them_all
Catch exception in pathExists
2014-11-06 17:45:39 -08:00
Teddy Reed
131dca2673 [tools] Performance monitoring tooling 2014-11-06 17:37:26 -08:00
Alexander Polyakov
00dbf282a6 / is not always readable 2014-11-07 01:00:58 +03:00
Alexander Polyakov
78af7dd885 Catch exception in pathExists
boost::filesystem::exists() throws
2014-11-07 00:20:22 +03:00
Mike Arpaia
be020aa4c2 Merge pull request #372 from LTD-Beget/processes_euid_egid
Add uids and gids to process table
2014-11-05 16:06:24 -08:00
Alexander Polyakov
c0d827f534 Add euid / egid to process table
(not tested on darwin)
2014-11-06 01:35:52 +03:00
Mike Arpaia
5402c8b3bc site instructions [skip ci] 2014-11-05 12:14:40 -08:00
Teddy Reed
51f434f6b9 Merge pull request #366 from facebook/site_tables
[site] Add tables API page
2014-11-05 10:57:28 -08:00
Teddy Reed
88b1133024 [site] Added pages for static build 2014-11-05 10:42:14 -08:00
Mike Arpaia
ac7417ba58 Merge pull request #364 from justintime32/centos_libblkid_devel
Ensure that libblkid-devel is installed on CentOS
2014-11-05 10:31:28 -08:00
mike@arpaia.co
1a129ff17c adding a few more valid urls to the routes 2014-11-05 02:32:59 -08:00
Teddy Reed
b79f512a9a [site] Add tables API page 2014-11-05 02:19:20 -08:00
Justin Gerace
40367dc054 Ensure that libblkid-devel is installed on CentOS 2014-11-04 19:33:43 -08:00
Mike Arpaia
d9c3638fc1 Merge pull request #361 from facebook/startup_items
Startup items
2014-11-04 12:54:09 -08:00