valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 18:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,531 Commits 2 Branches 109 Tags 25 MiB
80bfef9f77
Commit Graph

4531 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Giorgi Guliashvili
80bfef9f77
setThreadName boilerplate removal (#4749) 2018-07-23 19:50:35 +01:00
Mitchell Grenier
69d307b64c
Add labels for threads (#4295) 2018-07-23 11:13:43 -07:00
Giorgi Guliashvili
129d9415a3
profile implicit shutdown (#4746) 2018-07-23 16:39:45 +01:00
Alexander
68e6d77050
to<Status>(const Expected&) implementation (#4725) 
* to<Status>(Expected) implementation

To make a transition from Status to Expected a bit easier.
For transition time there must be a lot of conversions from Expected to Status and back.
Conversion from Status to Expected is not simple, for many reasons.
Conversion from Expected to Status is trivial, but a bit verbose:
```c++
if (exp.isError()) {
  return Status::failure(
    exp.getError().getFullMessage()
  );
} else {
  return Status::success();
}
```
I'd suggest using more laconic, clear and explicit way to convert.
 2018-07-23 16:15:10 +01:00
Alexander
51eb79dc63
Ad-hoc fix up for old versions of libc++ and libstdc++ (#4718) 
There was not  implementation for es in old versions of libc++ and libstdc++. [proof](http://www.open-std.org/jtc1/sc22/wg21/docs/lwg-defects.html#2148).
 2018-07-23 15:25:57 +01:00
Giorgi Guliashvili
54e0bf3f5f
dispatcher 'leaks' (#4742) 2018-07-21 19:28:00 +01:00
Teddy Reed
919219c551
tables: Add ELF-file related virtual tables (#4708) 2018-07-21 12:21:32 -04:00
Teddy Reed
112a33ddc0
cleanup: Migrate calls to tryTo from 4683 (#4710) 2018-07-21 12:19:33 -04:00
Giorgi Guliashvili
0417ece88f fix objective c leak in plist (#4732) 2018-07-21 11:52:23 -04:00
Giorgi Guliashvili
2d5fc8df0a
udev fd check (#4736) 2018-07-20 10:55:57 +01:00
Jonathan Keljo
305b37d89d Properly format IPv6 addresses with scopes (#4464) 2018-07-20 00:43:42 +01:00
Alexander
a683d56163
Remove dead code from conversions module (#4711) 
- removed boost_to_std_shared_ptr and std_to_boost_shared_ptr as far as we don't use boost::shared_ptr in osquery anymore.
  - removed replaceAll
  - and removed useless includes
 2018-07-19 18:11:56 +01:00
Alexander
7da4d1662e
Explicitly delete rvalue ref-qualified unconditional access methods from Expected (#4706) 
Explicitly remove rvalue ref-qualified unconditional access methods from Expected
 2018-07-19 18:08:23 +01:00
Alexander
83a653f836
Add missed include <climits> for PATH_MAX (#4733) 
Related PR #4724 and #4416
 2018-07-19 17:07:14 +01:00
Alexander
42d8027320
Remove unused includes and forward declaration from core/utils.h (#4734) 2018-07-19 17:06:16 +01:00
Giorgi Guliashvili
94397d3c04
get rid of unnecessary ptree includes (#4727) 2018-07-19 10:45:40 +01:00
Giorgi Guliashvili
d4e444c999
incorrect assumption about reserve behavior (#4728) 2018-07-19 10:44:56 +01:00
Giorgi Guliashvili
386ccb5e96
disable malfunctioning new features on the fly using killswitch (#4671) 2018-07-18 22:11:19 +01:00
Filipe Manco
bd2377bc37
Revert regression introduced by #4613 (#4726) 2018-07-18 20:11:08 +01:00
James Jerger
182212330f Add socket_designation to CPU info (#4715) 2018-07-18 18:46:29 +01:00
Alexander
58810e6a33
Use tryTo instead of safeStrtoull in the code (#4716) 
and remove `safeStrtoull` from the `conversions.h`
 2018-07-18 15:30:24 +01:00
Alexander
2a2aa5b5ae
Add missed semicolumn to utils.cpp (#4717) 2018-07-17 17:44:31 +01:00
Alexander
f25987fa9c
Remove useless include of <iostream> from status.h (#4719) 2018-07-17 17:35:54 +01:00
Alessandro Gario
8fe570bed7 feature: Write support for tables implemented from extensions (#4094) 2018-07-17 09:12:09 -07:00
Alexander
95e5dc7ebb
Use pre-aggregation cache for all records flowing thru numeric monitoring system (#4690) 
PR based on #4677 , have a look on it firstly.
 2018-07-17 09:31:51 +01:00
Nate Felton
d74fa4033f Adding content_caching to sharing_preferences (#4699) 2018-07-16 12:13:14 +01:00
Rich5
352e3ff7f8 Windows file ops (#4613) 2018-07-15 14:12:46 -07:00
Giorgi Guliashvili
61b66559fa
remove old version of schedule from the codebase and tests (#4707) 2018-07-14 19:18:28 +01:00
Giorgi Guliashvili
7dd06912a8
Compression/decompression silent error (#4709) 2018-07-14 16:48:57 +01:00
Teddy Reed
fa4f63fb84
tables: Remove lexical_cast include from tables (#4683) 2018-07-14 11:42:44 -04:00
Daniel Roethlisberger
1ed050147a Support CDHash algorithms other than SHA-1 (#4679) 2018-07-13 12:00:43 -07:00
Jeremy Calvert
d6bebc8f81 Add support for getting ethernet link speeds for non-linux posix (#4675) 2018-07-13 10:09:35 -07:00
Allan Liu
8f4529d2a3 General SMART drive information virtual table (#4133) 2018-07-13 09:51:55 -04:00
Max Kareta
140f2bd72f
disk_encryption macOS, fix for issue #4479 (#4687) 2018-07-13 10:59:33 +01:00
Alexander
585e73e1e8
tryTo<> generics for string to integer conversion (#4676) 
`tryTo<>` generics for string to integer conversion

The first approach to substitute all `safeStrto*` conversions to `tryTo<>` generics.

Thare are some advantages in using templates here:
  - Destination value type explicitly takes a part in call syntax.
  - You could use it other template code

Also I have removed `safeStrtoi` from the code as an example of usage.
 2018-07-12 18:03:57 +01:00
Alessandro Gario
8b864f1935 Improving audit-based table performances (#4647) 2018-07-12 10:10:52 -04:00
Alexander
d31e1bc2e7
Implement generic tryTo for string to boolean converions (#4689) 
Implement generic `tryTo` for string to boolean converions
Also use it in some obvious placed in codebase
 2018-07-12 15:07:36 +01:00
Konstantin Tsoy
ed4354c9ef Add etc/hosts.ics data to the etc_hosts table. (#4686) 2018-07-12 10:05:57 -04:00
Alexander
98fd405c31
Fixed up misspells in variable name and docstrings after #4677 (#4701) 2018-07-12 14:55:12 +01:00
Max Kareta
3c9ba5827d
fixed error when wrong directory separator was used (#4695) 2018-07-12 10:42:49 +01:00
Nick Esposito
ca324ab831 round negative reported durations in query profiler to zero (#4696) 2018-07-11 21:13:48 -04:00
Mitchell Grenier
978a3f82bb
Add unique pid field to the processes table on macOS (#4667) 2018-07-11 13:49:50 -07:00
Teddy Reed
04796f2687
logger: Fix logfile writes to /tmp with verbose flag (#4681) 2018-07-11 16:28:39 -04:00
Alexander
6e2c9014e7
Pre-aggregation cache implementation for numeric monitoring plugins (#4677) 
Pre-aggregation cache implementation for numeric monitoring plugins.

For the most of monitoring data some aggregations are going to be applied on the user side. To do analytics you rarely need to see all points on the graph. It means for such paths (unique keys for points subsets) particular points means not much. And to reduce a disk usage and a network traffic some pre-aggreagation could be applied on osquery side.

This PR is implementation of such pre-aggreagtion.

It based of PR #4626
 2018-07-11 18:38:12 +01:00
Vova Mishatkin
0cc9b84e4f
Add tests for file_paths_query (#4693) 2018-07-11 18:29:55 +01:00
Jan Beich
b675632603 Unbreak with boost 1.68 (#4692) 2018-07-10 23:05:37 -04:00
Teddy Reed
6d5f94b2c6
flags: Separate flags and flagalias (#4682) 2018-07-10 23:04:39 -04:00
Vova Mishatkin
dbac4ea67c
Add the ability to specify file_paths with sql queries (#4678) 2018-07-10 16:24:13 +01:00
Filipe Manco
9197810c76
Fix documentation for flag decorations_top_level (#4688) 2018-07-10 14:04:10 +01:00
Alexander
508b147aa1
Remove using instance() from serviceCount() (#4685) 
As far serviceCount is not a static function there is absolutely legal to use
 2018-07-10 10:35:45 +01:00