valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 18:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
2,535 Commits 2 Branches 109 Tags 25 MiB
a99b62a31d
Commit Graph

2535 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Teddy Reed
a99b62a31d Preserve atime and mtime by default for readFile 2015-12-11 22:18:45 -08:00
Teddy Reed
166eec8821 Merge pull request #1725 from theopolis/extend_file_events 
Extend fields of file_events
 2015-12-11 13:35:47 -08:00
Teddy Reed
718ff77864 Extend fields of file_events 2015-12-11 10:26:36 -08:00
Teddy Reed
c6e9f0e321 Merge pull request #1724 from theopolis/faster_hashing 
Speed up file hashing
 2015-12-11 08:59:06 -08:00
Teddy Reed
4fdc7eb1f1 Merge pull request #1723 from theopolis/file_table_mods 
Reorganize file_events into process_file_events
 2015-12-11 08:39:42 -08:00
Teddy Reed
98eb6a5055 Reorganize file_events into process_file_events 2015-12-11 00:58:22 -08:00
Teddy Reed
59750ec87d Speed up file hashing 2015-12-11 00:36:16 -08:00
Teddy Reed
1a1b07b5c6 Merge pull request #1716 from theopolis/pack_shards 
[#1636] Add simple sharding to packs and pack queries
 2015-12-10 17:37:57 -08:00
Teddy Reed
18418f12a6 Merge pull request #1722 from PickmanSec/patch-1 
Update osx-attacks.conf
 2015-12-10 16:16:47 -08:00
Richard Pickman
2fbe6a48b0 Update osx-attacks.conf 
Make Genieo query use 'like' instead of '='
 2015-12-10 16:01:31 -08:00
Teddy Reed
a3a7af9ac0 Merge pull request #1721 from lexelby/fix_fim_moves 
DRY for inotify event mask (we missed IN_MOVE)
 2015-12-10 13:53:48 -08:00
Lex Neva
e9c183d962 DRY for inotify event mask (we missed IN_MOVE) 2015-12-10 16:00:02 -05:00
Teddy Reed
9d394065e3 [#1636] Add simple sharding to packs and pack queries 2015-12-10 10:01:53 -08:00
Teddy Reed
67989b8765 Merge pull request #1717 from theopolis/fix_1714 
[Fix #1714] Restore balance to the DOUBLE force
 2015-12-09 17:58:07 -08:00
Teddy Reed
675d1d2267 [Fix #1714] Restore balance to the DOUBLE force 2015-12-09 17:28:30 -08:00
Teddy Reed
96f52015e1 Merge pull request #1713 from theopolis/sqlite_3.10 
Bump SQLite to the 3.10 draft and enable JSON extensions
 2015-12-09 02:07:42 -08:00
Teddy Reed
4129c6b191 Add 'AggStep0' to OpCode type discovery 
Closes: #1699
 2015-12-09 01:53:40 -08:00
Andrew Dunham
c922b784be Enable "json1" extension 
Also bump the version of third-party/ to use latest SQLite
 2015-12-09 01:25:25 -08:00
Teddy Reed
7174e98379 Merge pull request #1712 from theopolis/fsevents_canary_path 
Add canary path on empty FSEvents subscription set
 2015-12-09 01:24:42 -08:00
Teddy Reed
9f79d74c60 Add canary path on empty FSEvents subscription set 2015-12-09 00:14:08 -08:00
Teddy Reed
fe234f8f96 Merge pull request #1711 from theopolis/fix_refresh_config 
Fix quick regression with config refresh runner
 2015-12-08 16:11:37 -08:00
Teddy Reed
1436d9d73a Fix quick regression with config refresh runner 2015-12-08 15:53:19 -08:00
Teddy Reed
113bcaf4f3 Merge pull request #1710 from theopolis/sentient_config 
Remove passwd_changes and user_data from event callbacks
 2015-12-08 14:31:32 -08:00
Teddy Reed
309944c586 Configuration triggered publisher reconfiguration 2015-12-08 14:03:35 -08:00
Teddy Reed
6602a59b7d Change EventSubscriber API to include subscription references 2015-12-07 22:22:04 -08:00
Teddy Reed
b7650e5291 Remove passwd_changes and user_data from event callbacks 2015-12-07 17:47:38 -08:00
Teddy Reed
02c2b37a5d Merge pull request #1709 from theopolis/expire_results 
[Fix #1694] Expire results for 'old' scheduled queries
 2015-12-07 14:01:44 -08:00
Teddy Reed
877c050466 Merge pull request #1708 from theopolis/tsk_more 
Additional TSK table: device_hash
 2015-12-07 12:23:58 -08:00
Teddy Reed
12716496aa [Fix #1694] Expire results for 'old' scheduled queries 2015-12-07 12:23:43 -08:00
Teddy Reed
b88d6816f3 Additional TSK tables 2015-12-07 08:36:22 -08:00
Teddy Reed
c020bb87b4 Merge pull request #1705 from theopolis/dump 
[#1702] Add config and database dumping to stdout
 2015-12-06 21:41:31 -08:00
Teddy Reed
3d7bfd4bf5 Merge pull request #1707 from theopolis/pathcl_pep8 
PEP8 Compliance && Python 3.X compatibility
 2015-12-06 21:25:39 -08:00
pathcl
6c8cc20117 PEP8 Compliance && Python 3.X compatibility 
Signed-off-by: Teddy Reed
Merge-conflicts-by: Teddy Reed

Closes: #1586
 2015-12-06 20:57:30 -08:00
Teddy Reed
24aa387eb0 Merge pull request #1696 from theopolis/node_invalid 
[#1676] Clear node key on node_invalid
 2015-12-06 17:10:12 -08:00
Teddy Reed
bfa0d617be Merge pull request #1679 from theopolis/support_multi_loggers 
[#1648] Support multiple loggers
 2015-12-06 15:00:32 -08:00
Teddy Reed
eeff5d0bf0 [#1676] Clear node key on node_invalid 2015-12-06 14:28:00 -08:00
Teddy Reed
9ebd292eb6 [#1648] Support multiple loggers 2015-12-06 11:10:10 -08:00
Teddy Reed
fef53fa0d0 Add config and database dumping to stdout 2015-12-06 11:01:26 -08:00
Teddy Reed
53419375f1 Merge pull request #1703 from theopolis/fix_chrome 
Fix chrome-based extension virtual table ID extraction
 2015-12-04 13:32:52 -08:00
Teddy Reed
ad07e07879 Make chrome extension identifiers easier to extract 2015-12-04 11:50:13 -08:00
Teddy Reed
1acba4dfa6 Merge pull request #1700 from theopolis/tsk2 
TSK integration and example tables
 2015-12-04 11:26:03 -08:00
Teddy Reed
f687a84840 [Fix #1689] Remove C-style comments from config examples 2015-12-04 11:08:54 -08:00
Teddy Reed
373ce339dc TSK integration and example tables 2015-12-04 11:08:51 -08:00
Teddy Reed
e5bc6410ba Merge pull request #1697 from theopolis/fix_1660 
[Fix #1660] Prevent spurious NETLINK recv retries
 2015-12-02 23:56:39 -08:00
Teddy Reed
4dc6b9f0a3 [Fix #1660] Prevent spurious NETLINK recv retries 2015-12-02 23:33:20 -08:00
Teddy Reed
a8c13551a9 Merge pull request #1695 from theopolis/planner_more 
[Fix #1693, #1527] Add osquery-specific query planner output
 2015-12-02 20:17:15 -08:00
Teddy Reed
ffb5b7020e [Fix #1693, #1527] Add osquery-specific query planner output 2015-12-02 19:57:24 -08:00
Teddy Reed
4f0ea13da1 Merge pull request #1683 from jajce/master 
Fixing build for Ubuntu 10.04 Lucid
 2015-11-30 10:32:03 -08:00
Mykola Kokalko
652e5a24f3 [Fixed] build for lucid 
[Added] python packages which are not installable via pip on lucid

[Moved] installing latest bison and openssl right before thrift building for lucid

[Fixed] package bison installation for not lucid

[Added] OpenSSL dependency for lucid

[Changed] prefix to /usr/local

[Fixed] wrong file for checking if dependency is intalled
 2015-11-30 17:49:31 +01:00
Teddy Reed
58456a659a Merge pull request #1687 from theopolis/more_certs 
[Fix #1686] Add 'subject' and 'signing_algorithm' to certificates
 2015-11-29 18:59:27 -08:00