osquery-1

mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 09:58:54 +00:00

Author	SHA1	Message	Date
Nick Anderson	596d99c205	readme: fixing link to logo image (#4114 )	2018-02-07 16:14:17 -08:00
Javier Marcos	ef7130b49f	bug: Fix for sslv3 handshake failure in the file carver (#4109 )	2018-02-07 12:24:57 -08:00
Nick Anderson	7d7ed9de61	tests: removing username test in favor of status check (#4090 )	2018-02-07 10:41:37 -08:00
Seshu Pasam	0dc59b8d2d	Remove duplicate mode column in device_nodes query (#4107 )	2018-02-07 10:40:17 -08:00
Teddy Reed	bf2b464301	packages: Install osqueryi as a symlink (#4074 )	2018-01-31 19:59:00 -08:00
Filipe Manco	766634aa83	Add parent PID on process_events from openbsm (#4091 ) * openbsm_events: Fix using wrong union element * darwin: use macros to identify audit events * darwin: Add parent info to proc events [1/3] Rename subscriber class to a more generic name in preparation to make it handling multiple process related events. * darwin: Add parent info to proc events [2/3] Refactor exec event handling into its own function in preparation to make it handling multiple process related events. * darwin: Add parent info to proc events [3/3] Capture fork events to construct a map of parent child relationships. On a exec look at the map to get the parent information. Use exit events to garbage collect the map.	2018-01-31 15:20:43 +00:00
Mike Arpaia	1c387b8abb	Use schema branch of website instead of master for raw data (#4082 )	2018-01-25 08:09:36 -08:00
Mike Arpaia	03b3044c3e	Tools to generate table and package JSON for the new website (#4077 )	2018-01-25 08:09:11 -08:00
Nick Anderson	825d850a15	site: updating website with links for windows msi (#4078 )	2018-01-23 17:27:49 -08:00
Nick Anderson	d3a847ab02	deploy: fixing error and warning with windows msi package (#4079 )	2018-01-23 17:27:24 -08:00
Teddy Reed	3decac948e	tables: Remove ptree from table plugins (#4075 )	2018-01-21 05:11:42 -05:00
Teddy Reed	967910c6bf	deps: Use librpm 4.14.1 without beecrypt (#4073 )	2018-01-21 01:56:11 -05:00
Teddy Reed	483fbbb594	query: Force query results into proper order (#2947 )	2018-01-21 01:20:48 -05:00
Teddy Reed	90a737ead7	Replace most of boost::property_tree with rapidjson (#3910 )	2018-01-20 20:58:01 -05:00
Teddy Reed	fad4a748c0	tables: Add cpu_microcode to system_info (#4028 )	2018-01-20 20:24:09 -05:00
Alessandro Gario	44e03bada9	process_file_events: Add fields euid and egid and cleanup logs	2018-01-15 20:19:05 -08:00
Alessandro Gario	02caa95774	audit: Rename audit_fim_events to process_file_events	2018-01-15 20:12:58 -08:00
Alessandro Gario	4a478f1ea1	audit: Ignore operations on PF_NETLINK sockets	2018-01-15 20:10:50 -08:00
Alessandro Gario	8829c9f0de	audit: Improve responsiveness when terminating and set name	2018-01-15 20:06:52 -08:00
Alessandro Gario	d72779c784	Update column names, add switch to clear Audit config on startup (#3611 )	2018-01-15 20:02:27 -08:00
Alessandro Gario	9c0bd4abfb	audit-based file integrity monitoring (#3492 )	2018-01-15 19:57:50 -08:00
Teddy Reed	597b60d5eb	website: Upload dark version of logo for README (#4065 )	2018-01-15 12:50:51 -05:00
Teddy Reed	e8c0601ffe	tables: Parse interface flags from sysfs on Linux (#4063 )	2018-01-15 00:05:08 -05:00
Teddy Reed	181d2f9dbc	build: Fix OSQUERY_BUILD_SHARED linkage (#4062 )	2018-01-14 23:08:36 -05:00
Teddy Reed	3591d221e8	tables: Add pcid to cpuid table (#4061 )	2018-01-14 22:24:30 -05:00
Teddy Reed	193de0c818	deps: Improve native (non-deps) builds (#4060 )	2018-01-14 20:14:40 -05:00
Teddy Reed	82235e3c13	deps: Build linenoise locally (third-party) (#4058 )	2018-01-14 16:31:41 -05:00
Teddy Reed	8272c028dd	macOS: Link with no-weak-imports (#4056 )	2018-01-12 20:34:45 -05:00
Doug Wilson	bf0eb6f36f	added IOCs to query for OSX_MaMi malware (#4055 )	2018-01-12 20:34:31 -05:00
Teddy Reed	541f28d397	deps: Build librdkafka 0.11.3 without clock_gettime (#4054 )	2018-01-12 17:29:17 -05:00
Teddy Reed	adad4ee8de	build: Set default macOS SDK to 10.11 (#4053 )	2018-01-12 17:28:43 -05:00
exFill	979330efbb	Fix on_disk detection for Linux (#4047 )	2018-01-12 10:26:01 -05:00
Teddy Reed	b8a25429a5	tables: Remove apt-pkg linking on Linux (#4049 )	2018-01-12 10:25:25 -05:00
Teddy Reed	687070352d	website: Add 2.11.2 release (#4050 )	2018-01-12 10:25:08 -05:00
Mitchell Grenier	fa8d267ad8	Fix a crash in the extended_attributes table (#4051 )	2018-01-12 10:24:45 -05:00
Teddy Reed	f2f6b8d5f4	vagrant: Add win10 target for Vagrant (#4040 )	2018-01-10 09:52:31 -08:00
Nick Anderson	d73222326f	tables: updating row description for kva_speculative_info (#4044 )	2018-01-09 11:43:19 -08:00
Mitchell Grenier	099fb39af7	Add signing functionality to make_osx_package (#4045 )	2018-01-08 21:59:42 -08:00
Teddy Reed	5777efffb4	deps: Add SKIP_DEPS control to CMake (#4036 )	2018-01-07 14:32:24 -08:00
Teddy Reed	de19f0b6c2	tables: Replace apt_sources with crude string parsing (#4034 )	2018-01-07 00:26:27 -08:00
Teddy Reed	00040c6c1a	feature: URI parsing from folly (#4035 )	2018-01-06 20:26:36 -08:00
Teddy Reed	551e1043b4	tests: Interrupt subprocesses of test_osqueryd (#4032 )	2018-01-06 00:57:44 -08:00
Teddy Reed	ecf06772c8	windows: deps: Install thrift module on Windows only (#4033 )	2018-01-06 00:04:38 -08:00
Nick Anderson	21b257beb6	deps: Updating windows to boost 1.66.0 (#4031 )	2018-01-05 19:58:54 -08:00
Nick Anderson	85133d8ad0	tables: adding windows table for KVA and speculative exec info (#4027 )	2018-01-05 10:53:02 -08:00
Teddy Reed	c4c5385253	deps: Rebuild all dependencies for Darwin and Linux (v5) (#4025 )	2018-01-04 23:05:21 -08:00
Teddy Reed	32847baec7	tests: Allow VERBOSE_TEST=1 to run verbose ctest (#4023 )	2017-12-30 18:21:09 -08:00
Ben Schmoker	966854028f	docs: typo in mac setup instructions (#4010 )	2017-12-28 21:13:19 -08:00
Dave Kukfa	6ddbdc0fea	tables: Implemented Windows crashes table (#3696 )	2017-12-28 21:09:10 -08:00
Teddy Reed	ec4cad5604	tables: Fix Bookmark and Alias path extraction (#4022 )	2017-12-28 14:40:23 -08:00

1 2 3 4 5 ...

4283 Commits