osquery-1

mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 10:23:54 +00:00

Author	SHA1	Message	Date
Teddy Reed	6db0c67555	Merge pull request #269 from vmauge/suidbin Add suid_bin vtable	2014-10-29 02:30:29 -07:00
Teddy Reed	8a9374d6e3	[vtables] Support linux crontab vars	2014-10-29 02:24:00 -07:00
Teddy Reed	94c64d80ce	Merge pull request #267 from facebook/kernel_modules [vtables] Linux kernel modules from procfs	2014-10-29 02:03:46 -07:00
Teddy Reed	818b223806	Merge pull request #266 from facebook/homebrew [vtables] Installed homebrew packages on OS X using paths	2014-10-29 02:00:26 -07:00
Vincent Mauge	471d5faaa0	Add suid_bin vtable The vtabel report : - path: full path of the file - unix_user: name of the owner (if not available display the uid) - unix_group: name of the groupe (if not available display the gid) - permissions: report suid or guid * S for suid bin * G for guid bin Example : osquery> select * from suid_bin; +----------------------------------------------------------------------------------------------------+-----------+---------------+-------------+ \| path \| unix_user \| unix_group \| permissions \| +----------------------------------------------------------------------------------------------------+-----------+---------------+-------------+ \| "/bin/ps" \| root \| wheel \| S \| \| "/bin/rcp" \| root \| wheel \| S \| \| "/Users/vmauge/suid_test" \| vmauge \| 999 \| SG \| \| "/usr/bin/at" \| root \| wheel \| S \| \| "/usr/bin/atq" \| root \| wheel \| S \| \| "/usr/bin/atrm" \| root \| wheel \| S \| \| "/usr/bin/batch" \| root \| wheel \| S \| \| "/usr/bin/crontab" \| root \| wheel \| S \| \| "/usr/bin/ipcs" \| root \| wheel \| S \| \| "/usr/bin/lockfile" \| root \| mail \| G \| \| "/usr/bin/login" \| root \| wheel \| S \| \| "/usr/bin/newgrp" \| root \| wheel \| S \| \| "/usr/bin/procmail" \| root \| mail \| G \| \| "/usr/bin/quota" \| root \| wheel \| S \| \| "/usr/bin/rlogin" \| root \| wheel \| S \| \| "/usr/bin/rsh" \| root \| wheel \| S \| \| "/usr/bin/su" \| root \| wheel \| S \| \| "/usr/bin/sudo" \| root \| wheel \| S \| \| "/usr/bin/top" \| root \| wheel \| S \| \| "/usr/bin/wall" \| root \| tty \| G \| \| "/usr/bin/write" \| root \| tty \| G \| \| "/usr/sbin/postdrop" \| root \| _postdrop \| G \| \| "/usr/sbin/postqueue" \| root \| _postdrop \| G \| \| "/usr/sbin/rpc.net" \| root \| wheel \| S \| \| "/usr/sbin/rpcset" \| root \| wheel \| S \| \| "/usr/sbin/traceroute" \| root \| wheel \| S \| \| "/usr/sbin/traceroute6" \| root \| wheel \| S \| +----------------------------------------------------------------------------------------------------+-----------+---------------+-------------+ This commit fixes issue #253.	2014-10-29 01:33:58 -07:00
Teddy Reed	339b63677e	[vtables] Rename homebrew files, some cleanup	2014-10-29 00:34:55 -07:00
Teddy Reed	c1991e94e5	[vtables] Add user crons and use files	2014-10-29 00:28:19 -07:00
Martin Majlis	d645dfc257	Initial implementation for the homebrew table.	2014-10-28 21:03:56 -07:00
Teddy Reed	9abcbcd485	[vtables] Linux kernel modules from procfs	2014-10-28 21:01:51 -07:00
Martin Majlis	f81975e90e	Merge branch 'crontab' of https://github.com/facebook/osquery into crontab	2014-10-28 19:44:13 -07:00
Martin Majlis	e8eb1e222f	Reformating the code with clang-formatter.	2014-10-28 19:43:13 -07:00
Martin Majlis	8b8ec7c644	Added initial implementation for crontab.	2014-10-28 17:52:03 -07:00
Martin Majlis	ad2340d919	Reformating the code with clang-formatter.	2014-10-28 17:49:51 -07:00
mimeframe	8578cb53f1	Update README.md	2014-10-28 17:36:22 -07:00
mimeframe	4341bd5448	Update README.md	2014-10-28 17:35:57 -07:00
mike@arpaia.co	332e9f3dd2	updating the username and repo [skip ci]	2014-10-28 19:32:24 -04:00
Martin Majlis	40b44a25e3	Added initial implementation for crontab.	2014-10-28 15:10:14 -07:00
Teddy Reed	2bb930f4d1	Merge pull request #251 from facebook/clang_format_3.5 Clang format 3.5	2014-10-28 09:05:17 -07:00
Teddy Reed	47d1f13966	Using Cpp03 to remove double right angle brackets	2014-10-27 17:56:55 -07:00
Teddy Reed	6e60612520	Using clang-format 3.5	2014-10-27 17:37:36 -07:00
Mike Arpaia	0f57dba4d9	Merge pull request #228 from facebook/bash_history_table Adding virtual table bash_history, for linux and darwin	2014-10-27 16:41:17 -04:00
mike@arpaia.co	dafd2d7534	updating comment	2014-10-27 16:34:00 -04:00
Teddy Reed	cc31e93762	Version bump, 1.0.3	2014-10-27 12:29:51 -07:00
Teddy Reed	163178e352	Merge pull request #250 from facebook/flags_cleanup Clean flags usage in daemon/shell and dbhandle	2014-10-27 12:27:07 -07:00
Teddy Reed	0a1925200e	Clean flags usage in daemon/shell and dbhandle	2014-10-27 12:09:35 -07:00
Teddy Reed	b5d989429b	Merge pull request #249 from facebook/options_love Changing flag infra, reducing config testing, adding debug macro	2014-10-27 10:32:11 -07:00
Teddy Reed	6d50d762ce	Changing flag infra, reducing config testing, adding debug macro	2014-10-27 10:30:02 -07:00
Teddy Reed	16c1fa68ba	Merge pull request #246 from facebook/db_handle_problems Fix permissions on DB handle	2014-10-27 10:27:07 -07:00
Teddy Reed	991cbdfb00	Fix permissions on DB handle	2014-10-27 10:05:08 -07:00
Mike Arpaia	a5f7dc1aa3	Merge pull request #247 from facebook/time-types time types	2014-10-27 12:47:52 -04:00
Mike Arpaia	a65f8dd046	cleaning up makefile [skip ci]	2014-10-27 10:11:15 -04:00
Mike Arpaia	8cee491459	Merge pull request #248 from facebook/site-updates updates to the static site	2014-10-27 10:10:05 -04:00
mike@arpaia.co	8367dab3fd	updates to the static site [skip ci]	2014-10-27 10:09:31 -04:00
mike@arpaia.co	2ba54f5211	time types	2014-10-27 09:13:21 -04:00
Teddy Reed	53afc6b8b2	Merge pull request #240 from facebook/event_logs Change log formatting to individual events	2014-10-26 14:53:58 -07:00
Teddy Reed	67dce20974	Log event results as a flat map	2014-10-26 10:18:26 -07:00
Teddy Reed	2346fa00d5	Merge pull request #243 from facebook/fix_100p [events] Fix SCNetwork runloop thrashing	2014-10-25 16:41:57 -07:00
Teddy Reed	9d6efc83b8	[events] Fix SCNetwork runloop thrashing	2014-10-25 07:01:57 -07:00
Javier Marcos	c8c3363455	Changed logic to ignore when history file is not found (expected)	2014-10-24 20:38:09 -07:00
Javier Marcos	542d53fd5e	Refactoring and added column for history file, also more history files supported	2014-10-24 20:29:23 -07:00
Teddy Reed	84e8718d62	Merge pull request #238 from facebook/unify_routes [vtable] Unify routes table for OSX/Linux	2014-10-24 17:08:16 -07:00
Teddy Reed	a82792b3f7	Log results as events	2014-10-24 17:05:17 -07:00
Javier Marcos	e76383233f	Merge branch 'bash_history_table' of https://github.com/facebook/osquery into bash_history_table	2014-10-24 15:07:57 -07:00
Teddy Reed	3d7c8b5684	[vtable] Unify routes table for OSX/Linux	2014-10-24 12:34:18 -07:00
Teddy Reed	35aeb1e87d	Merge pull request #237 from facebook/dual_build Build into platform-specific build dirs	2014-10-24 09:24:11 -07:00
Javier Marcos	8ca6c11d95	Merge pull request #235 from facebook/memory_leak_users_groups Bad memory leak with OpenDirectory and pwd/grp.h code	2014-10-23 18:26:54 -07:00
Javier Marcos	bf3cd15c91	Final fix for the allocation problem	2014-10-23 17:17:50 -07:00
Teddy Reed	1598892ab1	Fix Ubuntu build issues (proc/bz2/z)	2014-10-23 16:27:43 -07:00
Teddy Reed	5b2510784e	Build into platform-specific build dirs	2014-10-23 14:39:15 -07:00
Javier Marcos	f69913938f	Bad memory leak with OpenDirectory and pwd/grp.h code	2014-10-22 23:49:16 -07:00

... 3 4 5 6 7 ...

736 Commits