valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 10:23:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,750 Commits 2 Branches 109 Tags 25 MiB
b410458a76
Commit Graph

1750 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Teddy Reed
b410458a76 Merge pull request #1079 from theopolis/db_cache 
Schedule monitoring, doc updates, logger plugin fixes
 2015-05-03 12:06:07 -07:00
Teddy Reed
e01a73b4f3 Schedule monitoring, doc updates, logger plugin fixes 2015-05-03 11:54:15 -07:00
Mike Arpaia
eb9da578f2 Merge pull request #1088 from sharvilshah/fix_https_mixed_content_warning 
[Docs] Fix 404s and https mixed content warning
 2015-05-02 12:21:28 -07:00
Sharvil Shah
cb396bd7b7 fix 404s as a result of relative links not having .md extension 2015-05-02 04:12:21 -07:00
Sharvil Shah
35c6cb8f39 Fix https mixed content warning by updating image links to https 2015-05-02 03:35:05 -07:00
Mike Arpaia
df4b171e6e Merge pull request #1084 from marpaia/remove-cpp-netlib-sdk 
[FIX #1082] Removing cpp-netlib from SDK
 2015-05-01 14:33:28 -07:00
Mike Arpaia
3311e17c06 [FIX #1082] Removing cpp-netlib from SDK 2015-05-01 14:00:10 -07:00
Javier Marcos
b3992ce7ae Making the spacing better and more OCD compliant 
Making the spacing better and more OCD compliant
 2015-04-30 14:50:43 -07:00
Javier Marcos
0ebe2fc9fb Adding the RHEL builds status 
Adding the RHEL builds status
 2015-04-30 14:48:31 -07:00
Javier Marcos
e66e1677c6 Changing the master build badge 
Changing the master build badge
 2015-04-30 14:41:34 -07:00
Teddy Reed
06aa60a127 Merge pull request #1074 from sharvilshah/disable_tables_runtime_flag 
[Implements #1016] Disable tables runtime flag
 2015-04-30 01:55:03 -07:00
Sharvil Shah
2735e731de Implement --disable_tables runtime flag 2015-04-30 01:41:01 -07:00
Mike Arpaia
61f993edda Merge pull request #1078 from jreese/docs-profile 
Add .py extension to build docs `tools/profile`
 2015-04-29 23:35:13 -07:00
Mike Arpaia
4b244c91b4 Merge pull request #1077 from jreese/readme 
Fix build/osqueryi/osqueryd doc links in readme
 2015-04-29 23:34:40 -07:00
John Reese
bc978475c8 Add .py extension to build docs tools/profile 2015-04-29 23:14:34 -07:00
Javier Marcos
05855816f2 Support RHEL6 
Adding support to build RHEL6
 2015-04-29 22:48:01 -07:00
John Reese
da5a3f9391 Fix build/osqueryi/osqueryd doc links in readme 
The current links result in errors because they don't include
"/en/latest" in the URL paths.  This also upgrades the links to https.
 2015-04-29 22:07:49 -07:00
Teddy Reed
13c4e27629 Merge pull request #1067 from theopolis/snapshots 
[#966] Allow snapshot scheduled items
 2015-04-29 18:47:24 -07:00
Teddy Reed
a4c3a869de Merge pull request #1073 from theopolis/file_events 
Rename file_changes to file_events
 2015-04-29 18:43:57 -07:00
Javier Marcos
f30a8207df Support RHEL6 
Package changes from RHEL6 to RHEL7
 2015-04-29 18:33:27 -07:00
Javier Marcos
e83b813399 Support RHEL6 
This enables support for building osquery in RHEL6
 2015-04-29 18:31:13 -07:00
Teddy Reed
9658d4377c Rename file_changes to file_events 2015-04-29 16:27:29 -07:00
Teddy Reed
3c117fa5f3 Add rhel-6-server-optional-rpms to RHEL6 2015-04-29 16:21:07 -07:00
Teddy Reed
c012d1c1d3 Merge pull request #1070 from wxsBSD/yara_relative 
Make YARA rule compiling handle relative paths.
 2015-04-29 15:56:17 -07:00
Teddy Reed
b66a350526 Allow snapshot scheduled items 2015-04-29 15:55:00 -07:00
Teddy Reed
ab44f2d32f Merge pull request #1071 from theopolis/safer_testing_harness 
Towards safer and shuffled unittests
 2015-04-29 15:42:46 -07:00
Teddy Reed
d0bbb0bc4f Towards safer and shuffled unittests 2015-04-29 14:43:27 -07:00
Teddy Reed
b1bd02c754 Merge pull request #1072 from theopolis/arirubinstein-master 
First iteration of FIM documentation
 2015-04-29 13:38:46 -07:00
Ari Rubinstein
a69a4b1903 First iteration of FIM documentation 2015-04-29 12:46:51 -07:00
Teddy Reed
0def8ec8a6 Merge pull request #1062 from wxsBSD/yara_docs 
First cut at YARA docs.
 2015-04-29 12:39:52 -07:00
Wesley Shields
546d298196 Move yara relative paths to /etc/osquery/yara. 2015-04-29 10:16:11 -04:00
Wesley Shields
82123d14d1 Make YARA rule compiling handle relative paths. 
Previously this only existed in the yara table, but it now exists in the
yara config parser land, which will compile signature groups upon
update. Now your signature groups can reference signature files using
paths relative to /var/osquery.
 2015-04-28 23:06:02 -04:00
Wesley Shields
f431280c2e Address concerns from Mike. 
Mostly cleanup as it moved from a gist to get the word out to docs.

This does assume that the change from file_changes to file_events
in #1049 will happen.
 2015-04-28 21:55:22 -04:00
Javier Marcos
cf12156c09 Building in RHEL with g++ 
Using clang won't work
 2015-04-28 18:13:12 -07:00
Wesley Shields
5de1f484df First cut at YARA docs. 2015-04-27 23:59:55 -04:00
Teddy Reed
467ecc20ae Merge pull request #1059 from theopolis/shell_improv 
Various shell fixups
 2015-04-27 17:29:02 -07:00
Teddy Reed
d5b9c0216b Merge pull request #1058 from theopolis/catching_registry 
Apply vegas-style rules to call
 2015-04-27 17:28:18 -07:00
Teddy Reed
2c5cbdee63 Various shell fixups 2015-04-27 16:40:05 -07:00
Teddy Reed
2b5b9683a4 Apply vegas-style rules to call 2015-04-27 15:08:03 -07:00
Teddy Reed
04f80f1ef3 Merge pull request #1057 from wxsBSD/yara_fix2 
Move YARA initialization to setUp().
 2015-04-27 14:42:32 -07:00
Teddy Reed
df5ee4aca8 Merge pull request #1054 from theopolis/chrome_profiles 
[Fix #1017] Use a fs glob in chrome-extensions searching
 2015-04-27 11:45:30 -07:00
Teddy Reed
cd7d68c994 Use a fs glob in chrome-extensions searching 
Chrome (non-Opera) may use multiple profiles before the
extensions dir. Use a glob before searching for extensions/versions.
 2015-04-27 11:36:44 -07:00
Teddy Reed
beb28a3f96 Merge pull request #1051 from theopolis/slim_shell 
Remove unpopular features from shell
 2015-04-27 10:53:55 -07:00
Teddy Reed
3f36241448 Merge pull request #1056 from theopolis/fast_tests 
Fast tests
 2015-04-27 10:49:51 -07:00
Wesley Shields
bb392c42f6 Move YARA initialization to setUp(). 
This was causing a crash when executing a query using the yara table
from the command line, because YARA was never initialized properly, so
the thread index was whatever was left on the stack. Eventually YARA
would attempt to set a rule that matches using this thread index and
would explode in flames.

Fix it by moving the initialization to a place that is always called.
 2015-04-27 13:45:20 -04:00
Teddy Reed
be65922569 Fast tests 2015-04-27 09:40:31 -07:00
Teddy Reed
149cc8594b Remove unpopular features from shell. 
Remove modes: HTML, Tabs, Explain.
Remove stats (meaningless for virtual tables).

Use the osquery SQLite DB manager within meta and shell SQL
execution to allow registry/extensions non-locking access.

This allows existing runtime DB manipulators to prefer a locking
modifier. Currently these manipulators will fallback to a more
transient db instance. The effect was, no shell-accessible runtime
created virtual tables.
 2015-04-26 18:54:27 -07:00
Teddy Reed
ed69536c06 Update ubuntu.sh 2015-04-26 17:41:08 -07:00
Teddy Reed
337a20cc75 Install cmake 3.2.1 on 14.04 
The repo-provided CMake is at 2.x, which will build extra cpp-netlib tests.
 2015-04-26 17:41:08 -07:00
Mike Arpaia
b3540034f8 Merge pull request #1038 from marpaia/file_wildcard 
[Fix #1013] wildcard support in file table
 2015-04-26 16:10:50 -07:00