valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 02:18:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
778 Commits 2 Branches 109 Tags 25 MiB
715e10a738
Commit Graph

778 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
mike@arpaia.co
715e10a738 Change glog max log size to 10MB 
close #444
 2014-11-17 11:39:35 -08:00
Teddy Reed
1116d6a928 Merge pull request #438 from theopolis/feature-arp-table 
arp_cache vtable for OSX and Linux
 2014-11-17 11:36:46 -08:00
Mike Arpaia
c56d045f7a Merge pull request #447 from facebook/445 
Get rid of superfluous logging in launchQueries
 2014-11-17 11:29:55 -08:00
mike@arpaia.co
f707253537 close #445 2014-11-17 11:29:14 -08:00
Mike Arpaia
c5e50ff26e Merge pull request #439 from wxsBSD/macros 
Use INTEGER macro.
 2014-11-17 11:19:08 -08:00
Wesley Shields
c764226b77 Use INTEGER macro. 
This makes the code match the example at:

https://github.com/facebook/osquery/wiki/creating-a-new-table
 2014-11-17 13:30:46 -05:00
Teddy
968f8027e6 Cleaner arp_table->arp_cache on Linux/OSX 2014-11-17 02:37:15 -08:00
Javier Marcos
093c857aea Merge pull request #437 from facebook/centos_build_fix 
Fixes building in CentOS, sudo was missing from some commands
 2014-11-16 22:51:06 -08:00
Javier Marcos
5db8dcbae6 Fixes building in CentOS, sudo was missing from some commands 2014-11-16 22:46:12 -08:00
Teddy Reed
d50d1cf3a7 Faster build on Ubuntu 2014-11-16 19:49:41 -08:00
Teddy Reed
ee015343f9 Simplify arp, move to arp_table 2014-11-16 19:49:40 -08:00
Pablo S. Torralba
65c4ed4a7d Fix boost split on linux to remove sscanf 2014-11-16 19:49:40 -08:00
Pablo S. Torralba
2b32673445 Some fixes: 
- clang-format on code
- NULL -> nullptr
- some (char *) changed in std::string favour
- Removed a memory leak.
- Moved struct inside the table namespace
 2014-11-16 19:49:40 -08:00
Pablo S. Torralba
778951d6a4 Remove osx dependency on system() call to get arp information 2014-11-16 19:49:40 -08:00
Pablo S. Torralba
c7fc2cee22 rename vtable field arp->mac 2014-11-16 19:49:40 -08:00
Pablo S. Torralba
4f524abbea arp vtable different implementation in osx and linux 2014-11-16 19:49:40 -08:00
Pablo S. Torralba
413d6f068b Change fgetln (osx specific) in favour of getline (both osx and linux) 2014-11-16 19:49:40 -08:00
Pablo S. Torralba
1843d80660 arp vtable with ip, arp and interface where it was seen 2014-11-16 19:49:40 -08:00
Mike Arpaia
c594c67dae Merge pull request #436 from facebook/launchd-customization 
Customizable LaunchDaemon via a command-line flag
 2014-11-16 13:01:17 -08:00
Mike Arpaia
a4b9920ed9 Merge pull request #435 from facebook/blacklist-inode 
blacklisting port_inode and socket_inode
 2014-11-16 13:01:01 -08:00
mike@arpaia.co
2e49debd70 Customizable LaunchDaemon via a command-line flag 
This is in response to #411. Allowing you to specify arguments on the
command-line has more edge-cases than I'd prefer, so I think this is a
bit more of a sustainable solution, especially given that you're already
supplying the tool with a path to your config file (now you can just
track one additional file).
 2014-11-16 11:07:52 -08:00
mike@arpaia.co
bfceaf8453 blacklisting port_inode and socket_inode 
port_inode and socket_inode have caused a few issues lately and, as of
right now, they both have open issues against them. For the time being,
I'm going to blacklist them. When the tables are production-ready, we
can re-add them back in to the base linux build.
 2014-11-16 09:42:57 -08:00
Teddy Reed
816faec3db Merge pull request #429 from cdown/llvm_license 
Add missing LLVM license referenced in git-clang-format.py
 2014-11-14 18:46:22 -08:00
Teddy Reed
f725e1c01d Merge pull request #431 from cdown/its_lintmas 
Add PEP8 and general lint conformance to in-house scripts
 2014-11-14 18:46:11 -08:00
Chris Down
8082313cce Revert removal of unused symbols in genapi per @theopolis' comment: 
At https://github.com/cdown/osquery/commit/2a93de#commitcomment-8583208:
> Although the removed symbols aren't referenced in this script they are
> used in the spec evaluation.
 2014-11-15 01:39:29 +00:00
Chris Down
2a93def805 Add PEP8 and general lint conformance to in-house scripts 
My intent in this diff was mostly style linting, so I disabled
non-stylistic pylint linters that fired in the interests of making this
a sane diff with one purpose: stylistic consistency and conformance. If
I disabled them it means they were thrown somewhere and should probably
be looked into some time :-)

This diff adds:
- PEP8 conformance (tested with pep8)
- A cleanup of stuff shown by `pylint`, with quite a few linters
  disabled. See above for rationale to disable these -- in the end this
  was mostly unused variables, unused imports, etc). These are the
  linters I disabled:
  - attribute-defined-outside-init
  - bad-classmethod-argument
  - bare-except
  - broad-except
  - exec-used
  - invalid-name
  - logging-not-lazy
  - method-hidden
  - missing-docstring
  - redefined-outer-name
  - too-few-public-methods
  - too-many-instance-attributes
  - too-many-locals
  - unused-argument
- flake8 warnings fixed (warnings were about redefinition of previous
  variables in a listcomp)

I didn't do anything with git-clang-format since it's from an external
project and it's possible that there may be a wish to merge it in again
later if it gets updated upstream, but you could, of course, apply this
to that script as well if you so wish. Right now it's not at all PEP8
conformant.
 2014-11-14 23:36:36 +00:00
Teddy Reed
0cb30d8ccb Merge pull request #430 from theopolis/fix-biging 
Check tables row vector size before access
 2014-11-14 15:25:39 -08:00
Teddy Reed
a1898ef03b Check tables row vector size before access 2014-11-14 15:18:25 -08:00
Chris Down
3554a65885 Add missing LLVM license referenced in git-clang-format.py 2014-11-14 23:07:48 +00:00
Teddy Reed
c0dc2720fb Merge pull request #425 from theopolis/feature-catching-exceptions 
Fix unwind exception catching
 2014-11-14 01:43:55 -08:00
Teddy Reed
02841f5e7f Add kernel userland-API inet_diag header 2014-11-14 01:42:34 -08:00
Teddy Reed
565bce3c07 Fix unwind exception catching 2014-11-14 01:42:00 -08:00
Teddy Reed
968e4331f0 Merge pull request #428 from vmauge/fix_genapi 
Fix genapi to support DataType
 2014-11-14 00:06:02 -08:00
Vincent Mauge
73d7500b8d Fix genapi to support DataType 
PR #414 (commit a5ef6a1) changed column type from string to Datatype
 2014-11-13 22:43:06 -08:00
Teddy Reed
0c675b23f2 Fix testing (only requireInstance) for DBHandle once 2014-11-13 09:33:13 -08:00
Teddy Reed
417bc8d222 Merge pull request #424 from vmauge/cpuid_default_value 
Set ouput_bit to 0 instead of cast error
 2014-11-12 23:17:22 -08:00
Vincent Mauge
632151d56a Set ouput_bit to 0 instead of cast error 2014-11-12 22:02:04 -08:00
Teddy Reed
be26c999ad Merge pull request #420 from theopolis/feature-better-logging 
More control over logging
 2014-11-12 17:27:03 -08:00
Teddy Reed
153cc7208f More control over logging 2014-11-12 18:19:22 -07:00
Teddy Reed
aa933491d2 Merge pull request #416 from theopolis/hack_fix_386 
[Fix #386] This is a hack to fix Ubuntu unwinding
 2014-11-12 16:43:18 -08:00
Teddy Reed
b419c79791 [Fix #386] This is a hack to fix Ubuntu unwinding 2014-11-12 17:12:37 -07:00
Mike Arpaia
10a4430f00 Merge pull request #419 from facebook/pretty-print-unicode 
Support for multi-byte characters in osqueryi results
 2014-11-12 16:51:48 -05:00
mike@arpaia.co
a8832482b3 implementation for #360 2014-11-12 16:51:14 -05:00
mike@arpaia.co
b423286297 failing test 2014-11-12 16:30:18 -05:00
Mike Arpaia
5f5b916ba9 Merge pull request #418 from facebook/homebrew-formula 
including the formula file
 2014-11-12 16:19:16 -05:00
mike@arpaia.co
b8566f557e including the formula file 2014-11-12 16:18:27 -05:00
Mike Arpaia
40f060a1c0 Merge pull request #417 from facebook/osx-crap 
only use most active version of a dependency
 2014-11-12 16:08:43 -05:00
mike@arpaia.co
019e9e25de only use most active version of a dependency 2014-11-12 16:07:31 -05:00
Teddy Reed
a5ef6a1f70 Merge pull request #414 from theopolis/feature-use-sqltypes 
Use SQLite types
 2014-11-12 11:07:50 -08:00
Teddy Reed
0d8b9d3eaa Use SQLite types 2014-11-12 11:07:24 -08:00