Commit Graph

4106 Commits

Author SHA1 Message Date
Brad Moylan
9f62c04f15 docs: Document --host_identifier=specified CLI option (#3974) 2017-12-04 11:03:56 -08:00
Chris Long
0bfba4ff74 Adding OSX detection for HiddenLotus (#3982) 2017-12-03 18:45:50 -08:00
uptycs-nishant
473920d601 Removing cpp-netlib name references (#3978) 2017-11-30 11:08:48 -08:00
Teddy Reed
d72d43af86 deps: Update db, librpm, and zstd libs for Linux and Darwin (#3980) 2017-11-30 11:08:15 -08:00
Tom Crayford
fb354b7d22 only daemon-reload if systemd is running (#3979) 2017-11-30 09:18:00 -08:00
Seshu Pasam
1c141995a3 Kafka SSL support (#3921) 2017-11-30 09:13:46 -08:00
Teddy Reed
e8cd9f139b deps: Label licenses for library formulas (#3976) 2017-11-30 08:28:05 -08:00
Teddy Reed
13dfd0148c audit: Force include and source files to be 100644 (#3971) 2017-11-30 02:01:04 -08:00
Nick Anderson
1097827ca2 daemon: set service status to SERVICE_STOPPED on exit (#3973) 2017-11-29 21:12:49 -08:00
Nick Anderson
61c404efdd [Fix #3964] Returning exit code in powershell build script (#3972) 2017-11-29 08:03:48 -08:00
Reed Loden
6b6723110f tables: Add linux shadow table (#3902) 2017-11-28 00:51:44 -08:00
Teddy Reed
03984bc9a9 watcher: Use min for delay max and delay current (#3969) 2017-11-28 00:50:18 -08:00
Alexandre Fiori
5ffe9e91d1 build: Allow building as non-root on MacOS via pip user switch (#3968) 2017-11-28 00:01:42 -08:00
Mike Myers
b79c0e2621 Local Groups table for Windows (#3855) 2017-11-27 23:51:47 -08:00
Omer Katz
595fd11284 tables: augeas: Remove trailing slash from /files prefix (#3967) 2017-11-27 11:38:02 -08:00
Nick Anderson
6068d61068 tables: adding intel_me_info virtual table on Windows (#3960) 2017-11-27 11:26:08 -08:00
Teddy Reed
ee17e7e6f0 extensions: Fix path quotes on Windows (#3965) 2017-11-27 07:17:43 -08:00
Teddy Reed
bfb4061f39 remote: Remove legacy OpenSSL SSL symbol defines (#3961) 2017-11-27 00:29:57 -08:00
Omer Katz
6aa2648472 Augeas table performance improvements (#3911) 2017-11-26 20:29:27 -08:00
Mitchell Grenier
7c95e98551 Fix Ryzen Core Count (#3432) 2017-11-22 20:33:09 -08:00
uptycs-nishant
9d46d9cb5f http_client: Fix for issue-3953 (#3958) 2017-11-22 16:26:54 -08:00
Teddy Reed
1cedf8d573 tables: Add basic Intel ME table returning version (#3956) 2017-11-22 00:39:18 -08:00
Mitchell Grenier
a73233263b Renaming the key_events table to user_interaction_events and adding mouse down (#3951) 2017-11-21 23:43:52 -08:00
Chris Long
93850b69f9 Adding detection for new "Symantec" Proton variant (#3952) 2017-11-21 23:27:04 -08:00
Nick Anderson
1239c8ccc5 tables: expanding windows programs table to encompass apps without GUID (#3945) 2017-11-20 08:21:21 -08:00
Nick Anderson
3d7f7cf037 tables: adding type column to users table to differentiate local users (#3946) 2017-11-20 08:21:06 -08:00
Nick Anderson
cb401f9ded tables: adding certificate store to the cert path for Windows table (#3947) 2017-11-20 08:20:52 -08:00
Teddy Reed
3ad5267642 [Fix #3941] Stop renaming worker and extension argv[0] (#3943) 2017-11-20 07:24:55 -08:00
Teddy Reed
80cebc8318 extensions: Add 5min timeouts for read and send client calls (#3847) 2017-11-20 07:23:41 -08:00
Teddy Reed
120c0ee62e Stop latent autoloaded extensions and apply an initial delay (#3944) 2017-11-19 18:56:42 -08:00
Teddy Reed
16d92d1dc6 docs: Remove quotes from flags documentation (#3937) 2017-11-18 15:22:33 -08:00
Teddy Reed
523ad777a8 [Fix #3931] Remove removed results correctly (#3938) 2017-11-18 15:21:11 -08:00
Chris Long
8e10156a1f Creating a windows-hardening pack and moving queries there (#3935) 2017-11-18 09:20:53 -08:00
Nick Anderson
ec2fc1a0c1 deployment: allowing for extra files to be bundled (#3936) 2017-11-17 09:23:10 -08:00
Teddy Reed
3f1a90c56b website: Update building osquery blog article with office hours (#3933) 2017-11-16 15:01:24 -08:00
Teddy Reed
5ad0e599fc website: Small blog post about community efforts (#3932) 2017-11-16 12:28:42 -08:00
Nick Anderson
582f638706 deploy: allowing for MSI packages to upgrade previous installers (#3927) 2017-11-16 07:50:01 -08:00
Nick Anderson
e43cb5f6fb packs: fixing malformed win attack pack (#3928) 2017-11-15 21:46:48 -08:00
Nick Anderson
f7fe7861e2 docs: Adding details on installing osquery on Windows as a service (#3705) 2017-11-15 13:20:22 -08:00
Nick Anderson
da5106f78c packs: updating query versions in windows attack packs (#3926) 2017-11-14 20:48:21 -08:00
isairamm
4d4a84e370 packs: Query to identify ccleaner malware (#3790) 2017-11-14 20:44:39 -08:00
Teddy Reed
d34d62186d website: Add 2.10.2 release (#3925) 2017-11-14 18:36:12 -08:00
Chris Long
6fc5916a73 Adding queries to windows-attacks, fix version, nits (#3922) 2017-11-14 16:29:47 -08:00
Michal Sekletar
66977bf116 Print correct address family id for AF_UNIX sockets (#3909) 2017-11-11 13:26:39 -08:00
Mitchell Grenier
c3a2171ebc Tighten up the event tapping code (#3917) 2017-11-09 13:21:22 -08:00
Babatunde Micheal Okutubo
9fd2be038c Virtual table: Iptables port feature #3621 (#3897) 2017-11-08 18:02:44 -08:00
Teddy Reed
6aa127dcde packages: Use source repo git describe for packages (#3914) 2017-11-08 17:40:50 -08:00
RJ Bergeron
47a236ead4 add post-installation script to reload systemd unit files on upgrade 2017-11-03 21:48:14 -07:00
Magicansk
8bf2d9e592 docs: Update process-auditing yara and debugging 2017-11-03 21:36:02 -07:00
Mitchell Grenier
beca5e68e9 Require root permissions to start the event tapping framework (#3849) 2017-11-01 07:31:50 -07:00