valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 02:18:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,389 Commits 2 Branches 109 Tags 25 MiB
843fe3a302
Commit Graph

781 Commits

Author SHA1 Message Date
mike@arpaia.co
843fe3a302 syncing sdk with codemod and targets 2015-02-18 09:02:04 -08:00
Teddy Reed
8aefe1a110 Add thrift 'query' endpoint 
This allows extensions to execute SQL through the extensions API.
 2015-02-17 18:42:09 -08:00
Teddy Reed
16832ba72c Merge pull request #766 from theopolis/logs 
Improved logging control
 2015-02-17 16:37:50 -08:00
Teddy Reed
1f8dacec3c Add flag aliasing, logger/flag tests 2015-02-17 16:26:14 -08:00
Mitchell Grenier
dd01c67dcf Merge pull request #767 from jedi22/version_fix 
Added osquery version to .version because it makes sense
 2015-02-17 11:27:44 -08:00
Mitchell Grenier
e3a1c0638d Added osquery version to .version because it makes sense 2015-02-17 11:18:28 -08:00
Teddy Reed
fc64965c68 Fix ctor logger locking 2015-02-16 16:37:39 -08:00
Teddy Reed
6f155d63c5 Improve flag storage and printing 2015-02-16 16:26:06 -08:00
Teddy Reed
6994361f26 Improved logging control 2015-02-16 14:42:22 -08:00
Teddy Reed
3c36c4196b Merge pull request #731 from jedi22/wildcard_events 
Added parsing of extra data along with its addition to the osqueryconfig structure
 2015-02-15 19:16:54 -08:00
Teddy Reed
95dd2a808f Merge pull request #762 from theopolis/startup_items 
[Fix #758] Parse startup_items Alias data
 2015-02-15 16:33:39 -08:00
Teddy Reed
1ea06a9d15 [Fix #758] Parse startup_items Alias data 2015-02-13 17:40:02 -08:00
Mitchell Grenier
de5ac74fab All changes addressed 2015-02-13 16:52:11 -08:00
Teddy Reed
f162a20ee2 Merge pull request #759 from theopolis/fix_processes 
Fix getProcList indexing
 2015-02-13 14:58:39 -08:00
Teddy Reed
3246b346dc Fix getProcList indexing 2015-02-13 14:38:49 -08:00
Zachary Wasserman
1f450fb1ef Merge pull request #710 from zwass/distributed 
POC for client side of distributed queries.
 2015-02-13 14:25:52 -08:00
Zachary Wasserman
79034111a5 POC for client side of distributed queries. 
This introduces the notion of a DistributedQueryHandler that uses a "provider" to read/write requests and results to and from the master. The full flow is exercised via integration tests, and unit tests for each component.

It is intended to foster discussion around this client side interface, as well as provide a base to build from.
 2015-02-13 13:01:02 -08:00
Teddy Reed
aa078895d3 CentOS7 clang without fortify 
1. _FORTIFY_SOURCE=1 will cause readlink/recv to hang when using
heap-allocated target buffers.
2. Install boost/rocksdb/thrift using source, similar to CentOS6.5
3. Remove boost::regex, prefer extended std::regex without static
link to boost_regex.
 2015-02-13 12:47:30 -08:00
Mitchell Grenier
54ef2045e5 Made config a meyers singleton. Load should now only ever have to happen once 2015-02-13 12:32:54 -08:00
Teddy Reed
340dcd775a Add 'cwd', 'root' to processes 2015-02-12 18:05:10 -08:00
Teddy Reed
b7160aae72 Merge pull request #750 from theopolis/file_directory 
Allow file table to use a directory constraint
 2015-02-12 15:57:20 -08:00
Teddy Reed
584a326f63 Merge pull request #748 from theopolis/improve_processes 
[#721] Add pid constraint checking to darwin procs
 2015-02-12 15:57:15 -08:00
Teddy Reed
b7734dcd3e Allow file table to use a directory constraint 2015-02-12 15:44:39 -08:00
Teddy Reed
11323a1487 [#721] Add pid constraint checking to darwin procs 2015-02-12 11:32:29 -08:00
Javier Marcos
715f894c1c Fix for the CentOS 7 support 2015-02-11 22:07:25 -08:00
Mitchell Grenier
9dfcfc5725 Fast forwarded to current head 2015-02-11 19:47:30 -08:00
Mitchell Grenier
0448afbd91 Asynchronously resolve the wildcards of all the files we want to monitor 2015-02-11 19:35:57 -08:00
Mitchell Grenier
dca2f9d7bb Added parsing of extra data along with its addition to the osqueryconfig structure 
Added tests as well
 2015-02-11 19:35:57 -08:00
Teddy Reed
65e0da4790 Merge pull request #743 from theopolis/env_ele_apps 
Add environment/element to OS X apps
 2015-02-11 18:38:11 -08:00
Teddy Reed
2e0f99432f Add environment/element to OS X apps 2015-02-11 18:28:56 -08:00
Teddy Reed
7fbb7ef48e Add plist/file parsing similar to OS X defaults 2015-02-11 17:48:01 -08:00
Teddy Reed
5810a35cec Add a SQLiteDBManager 2015-02-11 15:27:45 -08:00
Teddy Reed
04fb33cbf2 Merge pull request #737 from theopolis/safe 
Safer compile flags
 2015-02-11 12:32:36 -08:00
Teddy Reed
7bab4a4706 Merge pull request #732 from theopolis/plist_defaults 
Added 'defaults' table called 'preferences'
 2015-02-11 12:03:23 -08:00
Teddy Reed
fd92f9cb4c Added 'defaults' table called 'preferences' 2015-02-11 11:39:25 -08:00
Teddy Reed
a59dcf01ee Add osquery_extensions table 2015-02-11 10:52:25 -08:00
Teddy Reed
2593e8f837 Add extensions status to osquery_info 2015-02-11 10:52:25 -08:00
Teddy Reed
9eeda1f02c Safer compile flags 2015-02-11 10:45:04 -08:00
Mitchell Grenier
4238eccdcd Adding test to make sure Apps table returns real data 2015-02-10 18:59:26 -08:00
Teddy Reed
74496c74d5 [Fix #733] Use directories instead of files in apps 2015-02-10 17:35:18 -08:00
Teddy Reed
7f7b2acd37 Merge pull request #728 from theopolis/pubs_as_runnables 
[Fix #704] Events sleep with dispatcher's interruptableSleep
 2015-02-10 13:06:16 -08:00
Teddy Reed
23864f220d [Fix #704] Events sleep with dispatcher's interruptableSleep 2015-02-10 12:51:26 -08:00
Teddy Reed
55dfdfcace Move lsperms into filesystem 2015-02-10 03:00:29 -07:00
Javier Marcos
9f5b819967 Adding description to columns 2015-02-09 20:13:11 -08:00
Javier Marcos
a3e004bb62 Adding description to columns 2015-02-09 18:18:22 -08:00
Teddy Reed
94f97b93e8 Fix symbol rename regression in processes 2015-02-09 14:04:39 -08:00
Teddy Reed
6cc9fa4c3e Merge pull request #720 from theopolis/memory_tables 
Add shared_memory, memory_maps, process_memory_map table to Linux
 2015-02-09 12:59:43 -08:00
Teddy Reed
4b07479c3d Merge pull request #719 from theopolis/file_stat 
Add stat details to file table
 2015-02-09 12:59:35 -08:00
Teddy Reed
d373aef0fa Merge pull request #716 from theopolis/fix_713 
[Fix #713] Do not abort if EM fails
 2015-02-09 12:59:28 -08:00
Teddy Reed
de868e6eb1 Merge pull request #715 from theopolis/more_descriptions 
Add more table descriptions for API generation
 2015-02-09 12:59:22 -08:00