valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 09:58:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,007 Commits 2 Branches 109 Tags 25 MiB
869ac6fe5e
Commit Graph

212 Commits

Author SHA1 Message Date
czanik
ee58c5f688 Update syslog.md with syslog-ng information (#3231) 2017-04-28 16:06:13 -07:00
Teddy Reed
e817f3919e Add hardware_disabled_types flag to control hardware_events (#3190) 2017-04-21 11:14:35 -07:00
Nick Anderson
9bfe308bcd Updating windows_event_channels usage doc (#3168) 2017-04-15 13:25:05 -07:00
Teddy Reed
90078f15ea events: Add hidden EID to all events tables (#3159) 2017-04-14 08:20:20 -07:00
Teddy Reed
c24603d8c9 logger: Add logger_min_status and disable stderr with stdout (#3131) 2017-04-04 08:12:26 -07:00
Allan Liu
1555989cd2 prometheus_metrics: exposed request timeout configuration (#3113) 2017-03-31 07:54:34 -07:00
Teddy Reed
c36a6253b5 packs: Run centos and ubuntu platforms on all Linux (#3088) 2017-03-21 01:11:57 -07:00
Teddy Reed
43eddc0bf3 watcher: Set default memory limit to 200M (#3086) 2017-03-18 16:38:47 -07:00
Chris Long
35cad63007 Updating FIM docs page (#3048) 2017-03-10 12:13:42 -08:00
Asad Raheem
02dcbaf1be added a note for preventing time-out error (#3032) 2017-03-03 11:15:12 -08:00
Mobeen Ashraf
4f41d75ee2 [Fix #3028] Updated windows provisioning doc to clarify build location (#3029) 2017-03-01 08:00:40 -08:00
Allan Liu
35293fd41e prometheus_metrics: add wiki documentation for configuration (#2958) 2017-02-26 21:58:18 -08:00
Teddy Reed
b4a9233d68 docs: Only support OS X 10.11 and 10.12 (#2994) 2017-02-10 11:49:23 -08:00
Nick Anderson
6ab460f5db Moving default channel list to default flag value (#2981) 2017-02-07 19:10:37 -08:00
Nick Anderson
0720601233 Updating the windows installation docs (#2964) 2017-02-03 16:07:20 -08:00
Konstantinos Georgantas
b4e766eaa3 Update of elasticsearch output plugin (#2960) 2017-02-03 14:18:59 -08:00
Mike Arpaia
2ad1d8839f Introduce two new host identifier options (#2944) 2017-01-27 17:56:50 -08:00
Teddy Reed
9e8e401054 Add stderr control to CLI docs (#2930) 2017-01-20 14:03:21 -08:00
Teddy Reed
93947b65c0 Documentation and steps for dependency bottles (#2886) 2016-12-30 17:29:15 -08:00
Teddy Reed
0017de5bf1 Add memory and utilization limit override flags (#2858) 2016-12-11 21:59:32 -08:00
Marc LeBourdais
790aa06b51 Add a flag for prepending @cee: to json-logged messages to syslog (#2854) 2016-12-08 17:35:20 -08:00
Teddy Reed
a2dd2fdc3d [#2816] Break make deps into sysprep and deps (#2817) 2016-12-01 10:20:30 -08:00
Teddy Reed
deed140080 [#1773] Introduce multi-pack configuration syntax (#2787) 2016-11-22 09:35:03 -08:00
Teddy Reed
a2f7790ca6 Various fixes and updates to the wiki (#2740) 2016-11-11 22:13:51 -08:00
knqyf263
6dd8d31ff4 Use decorateFileEvent for file_accesses without hashing (#2739) 2016-11-10 16:25:32 -08:00
Teddy Reed
530f2933e3 [Fix #2704] Various distributed code cleanups (#2719) 2016-11-03 23:54:55 -07:00
Teddy Reed
5bb5ae1030 Add optional default flagfile /etc/osquery/osquery.flags.default (#2673) 2016-10-22 16:56:32 -07:00
Teddy Reed
6fc536a809 Add --extension to osqueryi for quick autoloading (#2671) 2016-10-22 00:29:29 -07:00
Jonathan Lee
407b1f40c7 Fix error in "CLI Flags" documentation (#2663) 2016-10-21 16:50:06 -07:00
headmin
c18b2260e8 add Zentral remote TLS server info (#2582) 2016-10-03 08:21:27 -07:00
Teddy Reed
7e9088e008 [#2542] Introduce --enable_syslog to explicit enable syslog ingestion (#2543) 2016-09-27 17:35:21 -07:00
Zachary Wasserman
666198909a Add missing host_identifier in TLS enrollment request documentation (#2538) 2016-09-27 14:41:54 -07:00
Teddy Reed
a3477aa5dd docs: Windows 10 badge/install/flags (#2531) 2016-09-27 02:27:41 -07:00
Teddy Reed
1a43d4e4c3 Reorganize analysis tools/artifacts into analysis (#2497) 2016-09-21 15:15:25 -07:00
yying
c97118f2f8 Updates to Windows provisioning document (#2471) 2016-09-19 16:46:43 -07:00
Zachary Wasserman
7adf271570 Remove errant comma in example config JSON (#2474) 2016-09-16 13:20:42 -07:00
Teddy Reed
df1e3b9481 Add make fuzz (#2458) 2016-09-13 20:37:31 -07:00
Teddy Reed
080bc5ed88 Improve verbose logging for several linux event publishers (#2421) 2016-08-29 14:26:25 -07:00
Teddy Reed
02dd921d3b Introduce 'external' project builds: make externals (#2385) 2016-08-17 13:33:28 -07:00
Gary
87bc28e313 Added note to explain results from failed queries (#2376) 2016-08-16 08:39:43 -07:00
Teddy Reed
f93253ec48 Nitpicks and style formatting 2016-08-15 16:07:51 -07:00
Ryan Holeman
a217035d12 Add AWS STS assume role authentication capability 2016-08-15 16:07:51 -07:00
Teddy Reed
a2017f68f1 Add clang-format rules from 3.6 (#2360) 2016-08-15 01:33:17 -07:00
artemdinaburg
6e3f4b8e13 Copy required DLLs into the build directory (#2339) 2016-08-10 16:48:33 -07:00
Teddy Reed
e4dd78ec10 Build documentation for brew-based build (#2305) 2016-07-31 17:10:13 -07:00
yying
af7b910c24 Updated Windows provisioning documentation (#2294) 2016-07-28 12:08:20 -07:00
Zachary Wasserman
a7aac29465 Clarify events and database flags in osqueryi docs (#2269) 2016-07-21 12:53:17 -07:00
Zachary Wasserman
0483bed29d Fix broken links to FIM wiki page (#2272) 2016-07-21 12:33:46 -07:00
Teddy Reed
1e4dcb121b Introduce --audit_allow_sockets for Linux socket_events (#2270) 2016-07-20 23:47:54 -07:00
Teddy Reed
172363d3f5 Fix debug-kernel build and deploy dependencies (#2266) 2016-07-20 17:21:20 -07:00
Teddy Reed
edc3fa5a25 Remove process_file_events subscriber from Linux (#2267) 2016-07-20 17:20:23 -07:00
Nick Anderson
00935e28cc Moved windows provisioning script (#2257) 2016-07-19 16:47:51 -07:00
Peter
51f5fa9095 [#2216] Add notice text for required table predicates (#2225) 2016-07-08 08:33:37 -07:00
Ryan Holeman
88053a08b4 Optional top level decorator functionality (#2177) 2016-07-06 15:31:59 -07:00
d-yokoi
97f2850967 fix a typo error on the doc for building (#2172) 2016-06-19 23:24:42 -07:00
Ryan Holeman
b47f246ab4 Optional randomization of shard ids for AWS Kinesis load balancing (#2157) 2016-06-15 15:29:59 -07:00
Teddy Reed
0beb7efef7 Add process auditing and a SQL intro doc (#2129) 2016-06-01 17:28:51 -07:00
Teddy Reed
de8ef7b627 Update README/wiki for Ubuntu 16.04 (#2126) 2016-05-30 21:17:03 -07:00
Yonas Yanfa
d08e55545a Update index.md to mention support for FreeBSD. (#2118) 2016-05-27 14:01:54 -07:00
Ryan Holeman
e29ad573ef fixed issue with aws logger example for kinesis and firehose (#2102) 2016-05-18 09:21:32 -07:00
Marcin Wielgoszewski
484cf9c919 Add blurb about doorman (#2094) 2016-05-12 15:37:22 -07:00
Teddy Reed
d49c401324 Add decorators to example config (#2082) 2016-05-10 10:07:25 -07:00
Uma Reddy
e86a773a2e Update install-osx.md (#2071) 
Add post-install notes for brew-based installs.
 2016-05-06 08:31:22 -07:00
Teddy Reed
5a56805970 Introduce --utc flag to convert all calendar UNIX times to UTC (#2064) 
Beginning in version 1.8.0 all time uses will converge on an osquery-provided
getUnixTime() API call that returns, by default, UNIX time integers converted
to UTC/GMT. The 'time' table will respond with the parsed time for the
configuration. If the timezone is not UTC then osquery is using localtime.

This configuration option will affect the 'unix_time' response in the 'time'
table. Because of this configurable-effect the table is extended to include
'local_time' which is always the system local UNIX time.
 2016-05-03 13:00:31 -07:00
Teddy Reed
b6f09a7ecb Add action for snapshot query results (#2061) 2016-05-03 11:16:22 -07:00
Zachary Wasserman
10781e896e Add wiki docs for AWS logger plugins (#2052) 2016-04-25 16:20:01 -07:00
Mike Arpaia
8e73cf82d2 formatting changes for windows documentation 2016-04-19 10:25:28 -07:00
yying
0c15e1e732 Adding README explaining Windows provisioning and moved Windows provisioning README to development/, added it as link in navbar. Also added a mini-HOWTO section for running the provisioning script. 
Adding README explaining Windows provisioning and moved Windows provisioning README to development/, added it as link in navbar.  Also added a mini-HOWTO section for running the provisioning script.
 2016-04-19 09:38:18 -07:00
Zachary Wasserman
c4f9c14d5e Add docs for syslog tables 2016-04-05 11:01:10 -07:00
Teddy Reed
2379493721 Introduce decorator queries 2016-03-29 10:03:50 -07:00
Zachary Wasserman
0eff0f2f4e Collection of doc fixes 
- Minor fix in creating tables documentation
- Fix docs for join
- Add note about config paths
- Update events docs
- Fix link to query packs
 2016-03-25 14:12:41 -07:00
Uma Reddy
e421bfa54b Update extensions.md 2016-03-17 12:47:13 -04:00
Teddy Reed
8c3d2387e9 Add define to enable SQLite WHERETRACE 2016-03-04 20:41:06 -08:00
Teddy Reed
c3abb1ef38 Minor addition to multiple logger wiki docs 2016-02-23 10:42:08 -08:00
Teddy Reed
db3377a536 Merge pull request #1846 from zwass/logger_plugin_doc_edit 
Update logger plugin docs
 2016-02-12 10:13:20 -08:00
Zachary Wasserman
8eb4d2776b Update logger plugin docs 
* Add explanation for how to  use multiple logger plugins
* Add syslog plugin to the (short) list of plugins in the CLI flags
* Make docs consistent by changing uses of "logging plugin" to "logger plugin"
 2016-02-11 18:23:25 -08:00
Teddy Reed
089de478cd [#1810] Minor changes to extensions-use docs 2016-02-10 23:39:29 -08:00
Teddy Reed
1328aafcb3 [#1733] Document TLS client-auth and enroll notes 2016-02-01 09:37:10 -08:00
Teddy Reed
d0c550e987 [#1769] Remove reference to passwd_changes 2016-02-01 09:26:23 -08:00
Teddy Reed
b9be0c78a4 Merge pull request #1802 from theopolis/events_max 
Add an events_max limit for event buffering
 2016-02-01 09:05:59 -08:00
Teddy Reed
f05cc345d3 Add an events_max limit for event buffering 2016-02-01 08:38:58 -08:00
Teddy Reed
1acb5a4df0 [1576] Gate Makefile check for git to non-deps targets 2016-01-30 17:32:00 -08:00
Teddy Reed
95c4d733cc Add and document TLS debug features 2016-01-22 08:59:07 -08:00
Teddy Reed
3c09d69ef0 Remove deps and release from PR builds 2016-01-21 09:37:10 -08:00
Teddy Reed
5e4cba7bb1 Merge pull request #1785 from theopolis/docs_debug2 
Add deployment debugging wiki
 2016-01-20 17:51:17 -08:00
Teddy Reed
8b1ac7ebaf Adding deployment debugging documentation 2016-01-20 16:22:32 -08:00
Teddy Reed
dfa32d9e7e Update OS X kernel building to include distro 2016-01-19 16:20:16 -08:00
Teddy Reed
ec034e583b Update osquery CLI flags documentation 2016-01-19 15:57:04 -08:00
Teddy Reed
0a7dcbb967 Merge pull request #1719 from jacknagz/osx-config-docs 
Resolves #1718: Updated LaunchDaemon and Chef Template
 2015-12-11 14:01:58 -08:00
Teddy Reed
98eb6a5055 Reorganize file_events into process_file_events 2015-12-11 00:58:22 -08:00
Jack Naglieri
b396972ef7 Resolves #1718: Updated LaunchDaemon and Chef Template 2015-12-10 19:16:29 -08:00
Teddy Reed
9d394065e3 [#1636] Add simple sharding to packs and pack queries 2015-12-10 10:01:53 -08:00
Teddy Reed
c020bb87b4 Merge pull request #1705 from theopolis/dump 
[#1702] Add config and database dumping to stdout
 2015-12-06 21:41:31 -08:00
Teddy Reed
eeff5d0bf0 [#1676] Clear node key on node_invalid 2015-12-06 14:28:00 -08:00
Teddy Reed
fef53fa0d0 Add config and database dumping to stdout 2015-12-06 11:01:26 -08:00
Adrian Macneil
1f412a0297 Clarify distributed flags documentation 2015-11-23 12:17:04 -08:00
Teddy Reed
cef8f59054 Merge pull request #1639 from theopolis/cache 
Table results caching
 2015-11-14 16:22:24 -08:00
Teddy Reed
c2be670806 Table results caching 
1. Table implementations (spec files) can mark the table as 'cachable'.
2. Cached results depend on the shortest/quickest interval of scheduled
queries that act on results of the table.
3. The table API generator blocks caching on index/additional/required
table column options.
 2015-11-14 15:57:23 -08:00
Andrew Dunham
4ccdcc7864 Allow setting the mode of log files 
This also sets the appropriate flags in glog
 2015-11-11 11:37:55 -08:00
Teddy Reed
7c70183a87 Merge pull request #1625 from theopolis/pack_delim 
Add pack_delimiter option
 2015-11-03 21:05:44 -08:00