valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 18:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,708 Commits 2 Branches 109 Tags 25 MiB
9bfd3f4a2d
Commit Graph

117 Commits

Author SHA1 Message Date
Alexander
0f0440fa61
Removing potentially risky method getOr(T const&) from Expected (#5174) 
Too dangerous, because it is so easy to create a dangling reference (to local object for instance) with it.

It was discussed in terms of PR #4833
 2018-09-07 11:49:47 +01:00
Alexander
dcfe83a0aa
Helper functions tryTake, tryTakeCopy to lookup in key-value tables (#4833) 
There are a lot of lookups in the maps the osquery code. Most of them are verbose and not-optimal with check if such key exists in the table before get access. Some of them consists error e.g.:
```c++
    r["uid"] = row.count("uuid") > 0 ? row.at("uid") : "";
```
Introduced code will help to avoid the most of such problems.
 2018-08-28 12:31:10 +01:00
Giorgi Guliashvili
47f07f8f06
resolve -Wwritable-strings warning (#4831) 2018-08-09 13:31:50 +01:00
Jonathan Keljo
9e697be13d Introduce .types shell command (#4704) 2018-08-07 17:30:39 +01:00
Alexander
f2695b034c
Fix up name style for the Expected methods takeOr and getOr (#4747) 
according to the osquery c++ style guide. Until it's not too late.
 2018-07-23 22:20:04 +01:00
Alessandro Gario
8fe570bed7 feature: Write support for tables implemented from extensions (#4094) 2018-07-17 09:12:09 -07:00
Alexander
d31e1bc2e7
Implement generic tryTo for string to boolean converions (#4689) 
Implement generic `tryTo` for string to boolean converions
Also use it in some obvious placed in codebase
 2018-07-12 15:07:36 +01:00
Max Kareta
4b8d7f0c53
moved from file(GLOB); added CMAKE_CURRENT_LIST_DIR to support include syntax (#4582) 2018-06-18 14:24:20 +01:00
Max Kareta
5aca61375f
reorganized includes to improve compile time (#4445) 2018-05-30 00:17:40 +01:00
Alexander
8de02701f2 Apply const qualifier for Config::packs(...) method (#4387) 2018-05-18 18:37:33 +01:00
Mitchell Grenier
94b48ea87f
Fix JSON output from --json (#4134) 2018-02-16 15:41:44 -08:00
Teddy Reed
90a737ead7
Replace most of boost::property_tree with rapidjson (#3910) 2018-01-20 20:58:01 -05:00
Teddy Reed
00040c6c1a
feature: URI parsing from folly (#4035) 2018-01-06 20:26:36 -08:00
Teddy Reed
f6d077cbf7
license: Change license to Apache 2.0 and GPLv2 (#4007) 2017-12-18 16:04:06 -08:00
Mitchell Grenier
c3a2171ebc Tighten up the event tapping code (#3917) 2017-11-09 13:21:22 -08:00
Teddy Reed
a7c2669ba3
tidy: Improve clang-tidy (modernize) list of checks and run across codebase (#3870) 2017-10-29 22:25:49 -07:00
Teddy Reed
979cd4e5d1 [Fix #3831] Apply per-DB instance attach locking (#3862) 2017-10-21 11:19:57 -07:00
Teddy Reed
676430b019 [Fix #3831] Do not lock kAttachMutex within shell callbacks (#3837) 2017-10-16 13:46:14 -07:00
Tony
d8dddacb31 Fixes compilation issues with latest master branch (#3826) 2017-10-13 21:03:59 -07:00
Teddy Reed
cf170c4278 cleanup: Move query out of database header (#3576) 2017-08-20 02:44:38 -07:00
Teddy Reed
d581be4ef0 Fix #3522: Do not call SQL ctor directly (#3524) 2017-08-02 20:20:19 -07:00
Teddy Reed
b38a62be8b config: Rename getInstance to get for consistency (#3350) 2017-05-28 23:04:53 -07:00
Teddy Reed
0de5d3c381 external: Enable external applications through make external (#3023) 2017-02-26 17:38:01 -08:00
Teddy Reed
0e9733f94c Simplify Registry and plugin concepts (#2887) 2017-01-07 12:21:35 -08:00
Teddy Reed
5846c97d9e Fix innocuous memory leak when exiting osqueryi (#2825) 2016-12-02 10:43:43 -08:00
Teddy Reed
7f1dbd604e Remove readline from Linux provision (#2786) 2016-11-20 11:36:19 -08:00
Teddy Reed
62608f9a08 Minor reorganization of osqueryi linking (#2724) 2016-11-06 01:17:48 -08:00
Teddy Reed
59f0bad67c Additional compiler checks, including shadow (#2486) 2016-11-06 01:17:04 -08:00
Teddy Reed
909db4f2db Add .features and .summary meta commands (#2695) 2016-10-30 16:23:22 -07:00
Teddy Reed
b814fd54dc [Fix #2674] Add SQLite prepare lock to shell_exec (#2677) 2016-10-24 08:25:38 -07:00
Teddy Reed
ab57130178 [Fix #2630] Remove 'definition' TablePlugin action (#2633) 2016-10-18 00:15:38 -07:00
Teddy Reed
9a0c5c4556 deps: Use linenoise-ng for all platforms (#2613) 2016-10-11 22:16:21 -07:00
Rogelio Domínguez Hernández
5a0fbaf3b5 Fix memory leak at osquery/devtools/shell.cpp (#2562) 2016-09-29 09:31:56 -07:00
Teddy Reed
1bc52f8a50 [Fix #2443] Restore shellstaticFunc argument names (#2444) 2016-09-07 14:28:56 -07:00
yying
84e6a3401a Reducing compiler warnings and fails on warn in VS (#2433) 2016-09-02 15:04:03 -07:00
Teddy Reed
49ee904aea Add .list and .socket to shell meta command set (#2418) 2016-08-29 12:37:04 -07:00
yying
6eb3cc4f9a Refactored timer functionality in osquery shell (#2290) 2016-07-25 15:35:34 -07:00
yying
0ef284b8e7 Changes to make osqueryd/osqueryi mostly build sans cputime/uptime tables (#2283) 2016-07-25 11:58:55 -07:00
Teddy Reed
c4acfe89e5 Introduce table aliases (#2104) 2016-05-19 09:40:43 -07:00
Teddy Reed
0ffe0c9d16 Add --pack flag to the shell (#2093) 
This introduces a new testing-related flag to the osqueryi shell.
The --pack flag takes a single argument, the name of a configured pack.

To list the configured packs try:
$ osqueryi -A osquery_packs

To run all queries, immediately and serially, try:
$ osqueryi --pack NAME_OF_PACK
 2016-05-12 09:22:05 -07:00
Teddy Reed
ebb0ab30ce Fix shell's --profile switch 2016-03-20 16:05:13 -07:00
Teddy Reed
15a998e54f Use the default shutdown flow within extensions 2016-03-20 01:45:49 -07:00
Teddy Reed
a6c147700f Allow NULL values, stop using -1 as int/double invalid values 2016-03-09 18:24:17 -08:00
Teddy Reed
677c448dea Merge pull request #1897 from theopolis/remove_rdb 
Refactor backing storage
 2016-03-06 21:09:23 -08:00
Teddy Reed
afd17f8134 1. Reorganize RocksDB database handle into a plugin 
2. Introduce a SQLite-based database plugin
3. Refactor database usage to include local 'fast-calls'
4. Introduce an 'ephemeral' database plugin for testing (like a mock)
 2016-03-06 20:40:16 -08:00
Teddy Reed
8c3d2387e9 Add define to enable SQLite WHERETRACE 2016-03-04 20:41:06 -08:00
Teddy Reed
b21c2ed943 [#1816] Refactor DB instance management 2016-02-25 19:07:52 -08:00
Teddy Reed
15b037542e Merge pull request #1850 from theopolis/consolidate_conversions 
Consolidate string/text conversions outside of API
 2016-02-13 09:53:03 -08:00
Teddy Reed
8dc0fc1c95 Consolidate string/text conversions outside of API 2016-02-12 11:38:15 -08:00
Teddy Reed
dfbe049357 Exit shell with CTRL+C 2016-02-11 22:04:53 -08:00