valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 10:23:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,983 Commits 2 Branches 109 Tags 25 MiB
7b321cef60
Commit Graph

277 Commits

Author SHA1 Message Date
securityclippy
76e904941e soften language to not enabled rather than failed (#3744) 2017-09-28 20:27:44 -07:00
Teddy Reed
8dc4268761 kernel: Disable kernel support by default (#3672) 2017-09-09 16:48:39 -07:00
Teddy Reed
205da3c698 rocksdb: Implement a 'backup' and recover feature for RocksDB (#3635) 2017-09-01 22:31:03 -07:00
Teddy Reed
f29de27649 Combine osqueryi and osqueryd into single binary (#2742) 2017-08-27 11:09:25 -07:00
Teddy Reed
57f6e37839 audit: Handle AUDIT_SOCKADDR messages (#3586) 2017-08-21 20:53:32 -07:00
Teddy Reed
cf170c4278 cleanup: Move query out of database header (#3576) 2017-08-20 02:44:38 -07:00
uptycs-nishant
5a92d2c7f0 Implementing exclude paths for FIM (#3530) 2017-08-19 19:59:23 -07:00
Vishwa Shah
c54c6e6c0e corrected size in block_devices on darwin, linux (#3539) 2017-08-07 19:21:18 -07:00
Mitchell Grenier
b22a403bf1 OpenBSM Events (#3503) 2017-08-07 16:02:16 -07:00
Seshu Pasam
9dc69ee282 Minor static analysis fixes. (#3529) 2017-08-04 18:22:10 -07:00
Mitchell Grenier
e577a76b9b macOS - Listeners on folders that throw mount events (#3506) 2017-08-03 18:09:04 -07:00
Seshu Pasam
9b3be1c02d Fixes from static code analysis (#3512) 2017-08-01 20:13:25 -07:00
Teddy Reed
98d91192b4 audit: Isolate the audit consumer logic into a thread (#3486) 2017-07-24 00:27:19 -07:00
uptycs-nishant
43046f48da Inotify: re-implemented remove/add subscription and remove/add monito… (#3459) 2017-07-21 20:00:34 -07:00
Mitchell Grenier
7801ac6dce Add mount to fsevents (#3480) 2017-07-20 09:44:38 -07:00
Teddy Reed
99675fdbb2 audit: Increase speed when using socket_events (#3449) 2017-07-02 17:18:40 -07:00
Teddy Reed
6ce053a45d fim: Allow Linux publishers to be interrupted (#3376) 2017-06-02 21:39:35 -07:00
Teddy Reed
7844a8ea1b nits: Use char-overload for find (#3363) 2017-05-29 23:13:10 -07:00
Teddy Reed
98505e5eb2 events: Sane defaults for expiration and max (#3358) 2017-05-29 16:10:24 -07:00
Teddy Reed
8a93acfa1c TSAN: Address failures and findings in LLVM 4.0 (#3343) 2017-05-29 02:06:57 -07:00
Teddy Reed
b38a62be8b config: Rename getInstance to get for consistency (#3350) 2017-05-28 23:04:53 -07:00
Teddy Reed
9ba0edb4bb darwin: Improve disk_events add detection (#3332) 2017-05-26 10:38:26 -07:00
Teddy Reed
b427310241 deps: Rebuild the world, static and hidden (#3299) 2017-05-21 10:59:19 -07:00
Teddy Reed
582ab52e8f build: Remove SYSTEMD and _BASED logic (#3245) 2017-05-03 22:28:33 -07:00
Teddy Reed
0374fde651 [Fix #3194] Remove qualified name from parseEvent declaration (#3198) 2017-04-22 18:16:20 -07:00
Teddy Reed
90078f15ea events: Add hidden EID to all events tables (#3159) 2017-04-14 08:20:20 -07:00
Teddy Reed
649afcfff1 events: Use generator-tables for event subscribers (#3150) 2017-04-12 21:45:41 -07:00
Teddy Reed
c5e6db36eb events: Use poll instead of select for audit and udev (#3158) 2017-04-12 16:10:11 -07:00
Teddy Reed
5fd11260ad inotify: Use poll over select in inotify publisher (#3157) 2017-04-12 16:09:48 -07:00
ryanheffernan
5d6ea77efd [Fix #3129] Check malloc result for WEL XML buffer before calling EvtRender (#3130) 2017-04-04 09:52:29 -07:00
Teddy Reed
7b6e4c7a27 audit: Optimize user_events and add auid (#3120) 2017-03-31 08:30:45 -07:00
Teddy Reed
bc85f726ad events: Execute schedule before expiring (#3091) 2017-03-21 12:38:04 -07:00
Teddy Reed
69bb69fd6d events: Inspect schedule and improve tests (#3087) 2017-03-20 22:03:09 -07:00
Teddy Reed
7b6d026820 rocksdb: Update to 5.0 and use DeleteRange for expirations (#3066) 2017-03-17 12:40:07 -07:00
Teddy Reed
78ed32a673 events: Add locks around publisher and subscriber name accesses (#2969) 2017-02-06 01:17:38 -08:00
Teddy Reed
f54a974ff6 events: Fix locking around FSEvents (#2966) 2017-02-03 22:57:38 -08:00
Nick Anderson
e961fc850e Adding the Windows event log publisher (#2937) 2017-02-02 17:05:58 -08:00
Jonathan Lee
a1de136c1a Change logging level in certain cases (#2896) 2017-01-31 08:07:42 -08:00
Teddy Reed
0e9733f94c Simplify Registry and plugin concepts (#2887) 2017-01-07 12:21:35 -08:00
Teddy Reed
e9bbe1d624 Add Linux audit benchmarks (#2834) 2016-12-03 12:36:55 -08:00
Teddy Reed
0637f3c880 Manage queue configuration for Linux audit (#2792) 2016-11-23 15:40:14 -08:00
lambda-conjecture
ad4cf3ed90 Fix crash in FIM processing on Linux (#2751) 2016-11-22 17:53:07 -08:00
Teddy Reed
0ee1bbe739 Improve process_events on Linux (#2790) 2016-11-22 09:37:16 -08:00
Teddy Reed
6ead016cbb [Fix #2656] Refactor events_optimize to act per-query (#2665) 2016-11-05 22:03:45 -07:00
Teddy Reed
a3acf2a3e5 Fix Config TLS plugin default verb (#2708) 2016-11-02 17:08:44 -07:00
Teddy Reed
4c8fdf5d17 Fix UDEV publisher unit tests LSAN bug (#2693) 2016-10-30 11:15:55 -07:00
Teddy Reed
b59cfd6949 [Fix #2681] Use subscriber setUp result to enable/disable (#2682) 2016-10-25 10:23:10 -07:00
Aditya Srivastava
ef4f8af3b8 Issue #2651 : Changed all NULLs to nullptrs (#2657) 2016-10-21 11:20:28 -07:00
Nick Anderson
208d2324d5 Extending chrome browser extension table to Windows (#2619) 2016-10-14 10:23:37 -07:00
Teddy Reed
b895c6a988 Reduce several INFO logs to VLOGs and increase size-INTEGERs to BIGINT (#2559) 2016-09-28 12:38:35 -07:00