valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 02:18:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
2,918 Commits 2 Branches 109 Tags 25 MiB
9053a1f125
Commit Graph

117 Commits

Author SHA1 Message Date
Teddy Reed
9053a1f125 Include decorations within results events (#2068) 
Currently, the decorations are applied to statuses and results in batch format.
This seems like an oversight, decorations should be on all results.
 2016-05-05 13:19:10 -07:00
Teddy Reed
b6f09a7ecb Add action for snapshot query results (#2061) 2016-05-03 11:16:22 -07:00
Teddy Reed
2379493721 Introduce decorator queries 2016-03-29 10:03:50 -07:00
Teddy Reed
621f1bd3a9 [Fix #1896] Gate additional and kernel tests/benchmarks 2016-03-15 23:05:37 -07:00
Teddy Reed
afd17f8134 1. Reorganize RocksDB database handle into a plugin 
2. Introduce a SQLite-based database plugin
3. Refactor database usage to include local 'fast-calls'
4. Introduce an 'ephemeral' database plugin for testing (like a mock)
 2016-03-06 20:40:16 -08:00
Baraa Hamodi
21c2237eca [osquery] Update copyright headers to new format. 2016-02-11 11:48:58 -08:00
Teddy Reed
f05cc345d3 Add an events_max limit for event buffering 2016-02-01 08:38:58 -08:00
Teddy Reed
87ea41c6ec Improve TLS logger performance 2016-01-21 10:43:15 -08:00
Teddy Reed
d6e91c81e9 Improve TLS logging memory 2016-01-15 00:22:31 -08:00
Teddy Reed
7c38cf17d9 Add support for make packages on Debian 2016-01-07 23:50:31 -08:00
Teddy Reed
360ac54688 Remove num_levels explicit definition for RocksDB 2015-12-21 15:27:34 -08:00
Teddy Reed
c5766da6d0 [#1518] Only emit a single line for each logString 2015-12-16 16:42:55 -08:00
Teddy Reed
5a66d5b838 Move RocksDB logs to INFO 2015-12-16 14:36:12 -08:00
Teddy Reed
3004df5a50 Use custom logger for RocksDB 2015-12-15 20:49:33 -08:00
Teddy Reed
fef53fa0d0 Add config and database dumping to stdout 2015-12-06 11:01:26 -08:00
Teddy Reed
4c2319f8dd Add GID to PrivilegeDropper 2015-11-08 01:03:08 -08:00
Teddy Reed
cd4de8023f Merge pull request #1630 from theopolis/fix_1626 
[Fix #1626] Add schedule blacklist and protect DBHandle
 2015-11-03 21:05:29 -08:00
Teddy Reed
edea3d6edd [Fix #1626] Add schedule blacklist and protect DBHandle 2015-11-03 20:50:22 -08:00
Teddy Reed
5728c93392 Remove specific filenames from RocksDB IOErrors 2015-11-02 15:12:52 -08:00
Teddy Reed
402490e75b Attempt to improve DB/query performance 2015-11-02 10:57:01 -08:00
Teddy Reed
19427b1854 Add database benchmarks 2015-11-02 10:57:01 -08:00
Teddy Reed
d27a7ecc4c Fix clang warnings, promote warnings to errors 2015-11-01 02:12:07 -08:00
Teddy Reed
8ca2925ef0 [Fix #1583] Require osqueryd to have R/W access to RocksDB 2015-10-27 16:09:24 -07:00
Robert C. Seacord
e57828aac3 changes for integer sign problems 2015-10-17 00:18:35 +00:00
Robert C. Seacord
acb2f6f628 eliminating diagnostics, mostly for comparisons between signed and unsigned operations 2015-10-16 16:10:37 +00:00
Teddy Reed
fb56646623 Restrict RocksDB log level to ERROR 2015-10-11 10:50:56 -07:00
Teddy Reed
bbac2cf07f [#1529] Allow DB Readonly with RocksDB lite 2015-09-28 01:50:32 -07:00
Teddy Reed
284dac71de Write helpful DB access/open error to verbose log 2015-09-20 10:35:26 -07:00
Mike Arpaia
9929c61c94 Merge pull request #1500 from marpaia/remote 
Client-side implementation of distributed queries
 2015-09-08 15:02:32 -07:00
Mike Arpaia
aaa03a1058 Distributed queries client-side 2015-09-08 13:33:48 -07:00
Mike Arpaia
07283817cb Removing remnants of a refactoring from Christmas Past 2015-09-04 11:33:33 -07:00
Teddy Reed
5bf30a779d RocksDB usage speedups 2015-08-15 20:43:53 -07:00
Teddy Reed
deecef81c5 Fix broken JOIN predicate passing 2015-07-16 11:29:56 -07:00
Michael O'Farrell
ba28b47239 Merge pull request #1298 from theopolis/event_streams 
Event index time and streaming
 2015-07-07 18:27:35 -07:00
Teddy Reed
bf65e3d2d6 Event index time and streaming 2015-07-07 00:44:57 -07:00
Teddy Reed
a8813ab7d8 Some tweaks to estimated scratch/heap for SQLite and RocksDB 2015-07-02 13:52:39 -07:00
Mike Arpaia
ba89b67cc5 Install snappy headers instead of just the library 
We found that not installing the headers for snappy caused RocksDB's
snappy detection to not find that snappy was installed:
https://goo.gl/YOWJl0

The snippet there requires that the headers are installed, not just the
library. By installing the headers, we can ensure that snappy is linked.

OR, alternatively, we could just leave it and not link snappy. It's
uncertain what the specific benefits of including snappy are for our
use-case. (CC @igorcanadi)
 2015-07-01 16:14:06 -07:00
Teddy Reed
0669d8205e Merge pull request #1174 from theopolis/remote_logger 
TLS/HTTPS-based logger plugin
 2015-06-02 02:59:34 -07:00
Teddy Reed
33f53809ad Fix DBHandle checking with concurrent processes. 
`make tests` fails with another osquery process running.
The backing-store check happens after a config plugin is setUp and
the initial load occures. This may involve calls to cached keys, the
check should occur pre-config initialize.
 2015-06-02 02:50:04 -07:00
Teddy Reed
da9bd5801b Migrate HTTP remote logger to TLS logger 2015-06-01 10:12:31 -07:00
Mitchell Grenier
418e6495c0 Adding a remote logger for osquery 
The first draft of the remote logger for osquery. This should give a rough idea
of how the code will be structured and function. RFC please.

At the advice of @theopolis, I removed the category type and added the
http_logger key. We figure this should be more efficient and doesn't have to
be known at compile time.
 2015-05-28 17:14:56 -07:00
Teddy Reed
8b3686a58a TLS plugin workflow tests 2015-05-26 19:55:00 -07:00
Teddy Reed
e6c838131b Limit the number of RocksDB log files 2015-05-05 16:14:24 -07:00
Teddy Reed
c63bf0451a Various exception hardening 2015-05-03 14:18:20 -07:00
Teddy Reed
e01a73b4f3 Schedule monitoring, doc updates, logger plugin fixes 2015-05-03 11:54:15 -07:00
Teddy Reed
b66a350526 Allow snapshot scheduled items 2015-04-29 15:55:00 -07:00
Teddy Reed
be65922569 Fast tests 2015-04-27 09:40:31 -07:00
Teddy Reed
2d3de51510 Restrict permissions on RocksDB paths 2015-04-14 21:07:21 -07:00
Teddy Reed
14a09cc6f2 Change schedule to a map, splay on config update 2015-03-24 16:28:49 -07:00
Mitchell Grenier
c8e116aa7d Reinstated the extra escape with changes 
I put the original escape back in but redirected the call to a new function
that will escape characters in the form of \xNN when:

`byte < 0x20 || byte >= 0x80`

This leaves slashes alone and should fix this issue.

UPDATE: Tests have also been added. Added an English test to test for NOP.
 2015-03-23 10:49:28 -07:00