Teddy Reed
|
d581be4ef0
|
Fix #3522: Do not call SQL ctor directly (#3524)
|
2017-08-02 20:20:19 -07:00 |
|
Seshu Pasam
|
6495f14828
|
EC2 instance tags implementation. (#3507)
|
2017-08-02 13:40:59 -07:00 |
|
Teddy Reed
|
0b0c5febd1
|
tables: Add device_firmware to darwin (#3499)
|
2017-08-02 09:48:09 -07:00 |
|
Jason Meller
|
8ba9a54daa
|
tables: Implement sharing_preferences table for Darwin (#3509)
|
2017-08-02 09:30:35 -07:00 |
|
Jason Meller
|
c4010bd306
|
tables: Implement shared folders table for Darwin (#3510)
|
2017-08-01 20:33:57 -07:00 |
|
Seshu Pasam
|
9b3be1c02d
|
Fixes from static code analysis (#3512)
|
2017-08-01 20:13:25 -07:00 |
|
Teddy Reed
|
90c6a44599
|
freebsd: Some refactoring to processes table (#3442)
|
2017-08-01 16:58:26 -07:00 |
|
Teddy Reed
|
30aae77259
|
extensions: Call wait on all extensions before respawning (#3516)
|
2017-08-01 15:16:22 -07:00 |
|
Mitchell Grenier
|
ba35a92243
|
Expand Carver APIs and Add Compression (#3386)
|
2017-07-31 11:11:45 -07:00 |
|
Seshu Pasam
|
5b42749d93
|
Some "make audit" output fixes. (#3508)
|
2017-07-31 11:06:08 -07:00 |
|
Jason Meller
|
b9fbf583d0
|
Darwin: Add gatekeeper tables (#3461)
|
2017-07-27 10:51:31 -07:00 |
|
Rohit Varkey Thankachan
|
3cd26ac48c
|
Add collisions to the interface_details table (#3491)
|
2017-07-24 13:51:50 -07:00 |
|
Nick Anderson
|
30e5b89df8
|
Adding in additional program installation locations (#3484)
|
2017-07-24 09:22:20 -07:00 |
|
Teddy Reed
|
295acfcf3d
|
worker: Do not ignore SIGCHLD to exit faster (#3487)
|
2017-07-24 08:48:06 -07:00 |
|
Teddy Reed
|
30a9f23cb0
|
tsan: Fix watcher and posix utils tsan findings (#3489)
|
2017-07-24 07:19:31 -07:00 |
|
Teddy Reed
|
98d91192b4
|
audit: Isolate the audit consumer logic into a thread (#3486)
|
2017-07-24 00:27:19 -07:00 |
|
Teddy Reed
|
9b7ce1b5ad
|
logger: Fail all plugins if any fail (#3488)
|
2017-07-24 00:26:19 -07:00 |
|
Zachary Wasserman
|
b86869208d
|
Fix error handling in AWS logger plugins (#3426)
|
2017-07-22 19:41:39 -07:00 |
|
uptycs-nishant
|
43046f48da
|
Inotify: re-implemented remove/add subscription and remove/add monito… (#3459)
|
2017-07-21 20:00:34 -07:00 |
|
Nick Anderson
|
de0c0c0663
|
Updating windows system_info to return fqdn for hostname (#3470)
|
2017-07-21 11:22:07 -07:00 |
|
Nick Anderson
|
dfbcd50737
|
windows: Adding osqueryi and osqueryd integration tests (#3479)
|
2017-07-21 11:20:56 -07:00 |
|
Nick Anderson
|
891a6fb17a
|
windows: Fixing watcher respawn logic for killed worker processes (#3475)
|
2017-07-21 11:10:06 -07:00 |
|
Mitchell Grenier
|
7801ac6dce
|
Add mount to fsevents (#3480)
|
2017-07-20 09:44:38 -07:00 |
|
Mitchell Grenier
|
0c7059ed0a
|
APFS Globbing Order Change (#3473)
|
2017-07-19 13:14:50 -07:00 |
|
Mitchell Grenier
|
951b009069
|
Fix a crash in interface_details on windows (#3478)
|
2017-07-18 18:38:01 -07:00 |
|
Teddy Reed
|
a9799a9426
|
Allow caching for tables with indexes and additionals (#3472)
|
2017-07-18 00:08:38 -07:00 |
|
Teddy Reed
|
d6184f62b5
|
Set config refresh to 1 hour and fix retry (#3469)
|
2017-07-17 22:28:11 -07:00 |
|
Mitchell Grenier
|
6fff46a20a
|
Fix ad_config table regression from splitting preferences and plist (#3474)
|
2017-07-17 17:52:52 -07:00 |
|
Teddy Reed
|
57f04c4c49
|
General code cleanup for the config (#3467)
|
2017-07-17 11:38:21 -07:00 |
|
Teddy Reed
|
1e9feba506
|
pidfile: Update pidfile to /var/run on Linux and fbsd (#3457)
|
2017-07-07 17:57:31 -07:00 |
|
Lambda Conjecture
|
ecb9e2ccf2
|
Add Epoch marker to scheduled query results (#3378)
|
2017-07-07 17:56:03 -07:00 |
|
Teddy Reed
|
190e46f994
|
aws: Restore exception error printing and upgrade to 1.1.5 (#3456)
|
2017-07-02 20:44:06 -07:00 |
|
Teddy Reed
|
dacfbd4584
|
Separate preferences from plist and add user-concept (#3455)
|
2017-07-02 18:28:59 -07:00 |
|
Teddy Reed
|
99675fdbb2
|
audit: Increase speed when using socket_events (#3449)
|
2017-07-02 17:18:40 -07:00 |
|
ryanheffernan
|
5d7de135dd
|
Adding URL Search hooks to ie_extensions table (#3452)
|
2017-06-30 11:12:43 -07:00 |
|
Nick Anderson
|
85d8af3996
|
carver: tar creation is now streamed (#3450)
|
2017-06-29 22:13:09 -07:00 |
|
Mitchell Grenier
|
9f9c729216
|
Fix test on High Sierra (#3451)
|
2017-06-29 16:46:04 -07:00 |
|
Teddy Reed
|
89ee28dcc4
|
watchdog: Fix disabled database and logging when watchdog is not used (#3448)
|
2017-06-28 23:24:18 -07:00 |
|
Teddy Reed
|
e3cafd53a3
|
tables: Add SSE bits to cpuid (#3446)
|
2017-06-28 16:00:05 -07:00 |
|
ryanheffernan
|
cf50143e69
|
Adding autoexec table for Windows (#3444)
|
2017-06-27 13:48:21 -07:00 |
|
ryanheffernan
|
80acd105f5
|
IE Extensions table for Windows - Browser Helper Objects (#3436)
|
2017-06-27 10:50:36 -07:00 |
|
Teddy Reed
|
617314c7df
|
tables: Add flags to interface_details (#3439)
|
2017-06-25 14:12:01 -07:00 |
|
Allan Liu
|
256d113a74
|
Linux software RAID table (#3304)
|
2017-06-21 21:58:37 -07:00 |
|
Seshu Pasam
|
2fd90bd5c1
|
Custom directory flag for augeas lenses (#3428)
|
2017-06-20 20:54:27 -07:00 |
|
Seshu Pasam
|
dc02616967
|
Check number of columns returned from 'docker top' (#3429)
|
2017-06-20 20:16:13 -07:00 |
|
Zachary Wasserman
|
a0a6e56314
|
Fix shadow declaration in darwin broswer_plugins (#3423)
|
2017-06-20 20:15:51 -07:00 |
|
Teddy Reed
|
28c10a415f
|
freebsd: Update Vagrantfile, config tests, and remove hidden visibility (#3419)
|
2017-06-18 18:30:57 -07:00 |
|
Teddy Reed
|
12daf75acd
|
virtual tables: Build Linux cpu_time on FreeBSD (#3417)
|
2017-06-18 15:32:48 -07:00 |
|
Teddy Reed
|
c81c815f75
|
tables: Add symlink column to file table (#3390)
|
2017-06-18 14:42:40 -07:00 |
|
Teddy Reed
|
0e294f8095
|
build: Major change to building within shared folders (#3415)
|
2017-06-18 14:41:05 -07:00 |
|
Rohit Varkey Thankachan
|
6b211a19ad
|
cpu_time on macos (#3392)
|
2017-06-18 14:28:07 -07:00 |
|
Teddy Reed
|
e75575ea66
|
build: Remove specific -mt from boost links (#3409)
|
2017-06-15 20:59:53 -07:00 |
|
Nicolas Bigaouette
|
23194c732d
|
Replace hardcoded paths throughout code base (#3387)
|
2017-06-15 19:31:52 -07:00 |
|
Nick Anderson
|
c4b6b33ad1
|
carver: gating carver code in CMake (#3407)
|
2017-06-15 09:40:58 -07:00 |
|
Nick Anderson
|
cffa9cb7a3
|
Changing init verbosity to honor verbose flag (#3406)
|
2017-06-14 21:08:33 -07:00 |
|
Teddy Reed
|
445fc12648
|
tests: Record process start time in tests (#3405)
|
2017-06-13 17:53:05 -07:00 |
|
Teddy Reed
|
a65e7caad8
|
sqlite: Remove the explicit copy and add mutex to function carve (#3404)
|
2017-06-13 17:27:00 -07:00 |
|
Teddy Reed
|
f8f5718297
|
watcher: Do not initialize the config in watcher (#3403)
|
2017-06-13 17:26:34 -07:00 |
|
Teddy Reed
|
4f7abe963d
|
Allow up to 64k rpm_package_files (#3402)
|
2017-06-13 13:22:55 -07:00 |
|
Teddy Reed
|
414cf83c6a
|
logger: Re-add syslog logger plugin (#3401)
|
2017-06-13 00:23:54 -07:00 |
|
Rohit Varkey Thankachan
|
dfb6d84112
|
Load Averages on POSIX systems using getloadavg (#3396)
|
2017-06-10 15:25:20 -07:00 |
|
Nick Anderson
|
4aa4a983fc
|
Triaging windows auto load extensions; (#3384)
|
2017-06-09 10:35:40 -07:00 |
|
Teddy Reed
|
8ad086098c
|
watcher: Add initial watchdog delay (#3360)
|
2017-06-08 18:03:30 +01:00 |
|
Mitchell Grenier
|
31793c6773
|
Trying to apply xiangfan-ms' patch (#3340)
|
2017-06-07 09:51:22 -07:00 |
|
ryanheffernan
|
80aaed8b05
|
[Fix #3313] Adding driver version + adding malloc/pointer safety to drivers table (#3319)
|
2017-06-05 09:06:49 -07:00 |
|
Teddy Reed
|
6ce053a45d
|
fim: Allow Linux publishers to be interrupted (#3376)
|
2017-06-02 21:39:35 -07:00 |
|
tpott
|
f2ed11c0ca
|
Adds platform_type to enrollment request (#3375)
|
2017-06-02 21:01:55 -07:00 |
|
Mitchell Grenier
|
739d910a2c
|
Fix #1546 Add local host name (#3370)
|
2017-06-02 16:15:50 -07:00 |
|
Mitchell Grenier
|
98418bdf35
|
Small docs change (#3371)
|
2017-06-01 10:49:39 -07:00 |
|
Rohit Varkey Thankachan
|
081ea9e76d
|
Virtual memory statistics for darwin (#3368)
|
2017-05-31 12:00:44 -07:00 |
|
Teddy Reed
|
eb4536dceb
|
config: Only reconfigure if content changes (#3356)
|
2017-05-30 19:22:41 -07:00 |
|
Mitchell Grenier
|
f9cb7149a9
|
[Tidy] Fix syscall deprecation on macOS (#3354)
|
2017-05-30 17:08:20 -07:00 |
|
Nick Anderson
|
c0085cc63c
|
Bumping thrift to install thrift compiler and squelch output (#3366)
|
2017-05-30 16:58:45 -07:00 |
|
Teddy Reed
|
a7162daea6
|
logger: Allow logString and logSnapshot to fast-track (#3362)
|
2017-05-29 23:49:37 -07:00 |
|
Mitchell Grenier
|
aba8f7524e
|
[Tidy] Fix all C99 warnings (#3353)
|
2017-05-29 23:31:43 -07:00 |
|
Teddy Reed
|
31eb83a1f4
|
packs: Allow posix in pack platform selection (#3364)
|
2017-05-29 23:13:59 -07:00 |
|
Teddy Reed
|
7844a8ea1b
|
nits: Use char-overload for find (#3363)
|
2017-05-29 23:13:10 -07:00 |
|
Teddy Reed
|
616172af56
|
logger: Rename BufferedLogSink instance and other nits (#3361)
|
2017-05-29 22:23:36 -07:00 |
|
Teddy Reed
|
70f30b99d8
|
watcher: Rename instance to get for consistency (#3359)
|
2017-05-29 17:16:19 -07:00 |
|
Teddy Reed
|
98505e5eb2
|
events: Sane defaults for expiration and max (#3358)
|
2017-05-29 16:10:24 -07:00 |
|
Teddy Reed
|
49ed383017
|
config: Unify the config refresh logic (#3351)
|
2017-05-29 14:09:44 -07:00 |
|
Mitchell Grenier
|
01518102aa
|
[Tidy] Fix four character literal warning (#3355)
|
2017-05-29 08:47:21 -07:00 |
|
Teddy Reed
|
8a93acfa1c
|
TSAN: Address failures and findings in LLVM 4.0 (#3343)
|
2017-05-29 02:06:57 -07:00 |
|
Teddy Reed
|
b38a62be8b
|
config: Rename getInstance to get for consistency (#3350)
|
2017-05-28 23:04:53 -07:00 |
|
Teddy Reed
|
73848c10ff
|
virtual tables: Add optional --table_delay between scans (#3349)
|
2017-05-28 22:37:38 -07:00 |
|
Teddy Reed
|
df82f8c50e
|
filesystem: Remove read_user_max flag (#3348)
|
2017-05-28 22:36:41 -07:00 |
|
Mitchell Grenier
|
fdf71643f8
|
Fix C99 array errors by moving array to the heap (#3346)
|
2017-05-28 20:46:54 -07:00 |
|
Mitchell Grenier
|
20327b32a2
|
Disallow the shadowing of local variables and fix existing shadows (#3347)
|
2017-05-28 20:44:11 -07:00 |
|
Teddy Reed
|
854b38519f
|
extensions: Clear signals in autoload thread (#3345)
|
2017-05-28 17:42:43 -07:00 |
|
Teddy Reed
|
ae4de5628e
|
Add SANITIZE_UNDEFINED for UBSAN (#3344)
|
2017-05-28 00:40:08 -07:00 |
|
Mitchell Grenier
|
40056d3d25
|
Addressing a few nits for carver and system (#3339)
|
2017-05-26 23:55:51 -07:00 |
|
lxcode
|
8b7b37bf4f
|
Add table for FreeBSD kernel modules. (#3328)
|
2017-05-26 15:10:59 -07:00 |
|
Mitchell Grenier
|
62beb1e547
|
Fix #3220 Error loading packs not verbose enough (#3333)
|
2017-05-26 14:07:50 -07:00 |
|
Mitchell Grenier
|
600a5d017a
|
Add an sql function for carving paths (#3317)
|
2017-05-26 11:19:43 -07:00 |
|
Teddy Reed
|
9ba0edb4bb
|
darwin: Improve disk_events add detection (#3332)
|
2017-05-26 10:38:26 -07:00 |
|
Mitchell Grenier
|
bf2457ffcd
|
Address YARA hardcoded home folder issue (#3331)
|
2017-05-26 00:27:02 -07:00 |
|
Mitchell Grenier
|
ce62dc53ba
|
Rename new base64 functions to be like MySQL (#3329)
|
2017-05-25 22:24:25 -07:00 |
|
Teddy Reed
|
775a4cdcce
|
flags: Allow custom flags in configuration (#3301)
|
2017-05-25 21:29:31 -07:00 |
|
Mitchell Grenier
|
ccf5977b0e
|
Conditional base64 function (#3320)
|
2017-05-25 10:58:08 -07:00 |
|
Nick Anderson
|
4ab974d7ce
|
Fixing gle warning verbosity in drivers table and resharper lints (#3325)
|
2017-05-25 09:38:36 -07:00 |
|
Dan Sedlacek
|
06652449c3
|
[windows] refactor routes to properly display metrics and mtus (#3321)
|
2017-05-25 09:30:40 -07:00 |
|
Mitchell Grenier
|
fe1418f240
|
Adding a config block to create views (#3306)
|
2017-05-24 21:03:15 -07:00 |
|
Nick Anderson
|
dd66ce2a93
|
Removing pretty printing from windows event log data (#3322)
|
2017-05-24 17:00:52 -07:00 |
|
Nick Anderson
|
5261765261
|
Adding cmake changes to support a Windows Full Debug build (#3311)
|
2017-05-24 10:04:23 -07:00 |
|
Mitchell Grenier
|
21395f7cb5
|
Add base64 encode and decoding functions (#3312)
|
2017-05-24 09:38:10 -07:00 |
|
ryanheffernan
|
05b7b80891
|
Refactor Windows interface_addresses table to use win32 API and report accurate netmasks. (#3297)
|
2017-05-23 14:58:11 -07:00 |
|
Nick Anderson
|
e9dc7b0aa5
|
Carved files no longer contain carver fs path (#3296)
|
2017-05-23 12:42:27 -07:00 |
|
Mitchell Grenier
|
e0f5de75b9
|
Fix crash caused by boost's unhandled exception (#3309)
|
2017-05-23 09:29:03 -07:00 |
|
Mitchell Grenier
|
7ddb959b0d
|
Fix an reading past the end of buffer (#3307)
|
2017-05-23 09:16:27 -07:00 |
|
Seshu Pasam
|
5f732084a2
|
kDBInitialized should be checked after acquiring lock (#3302)
|
2017-05-22 20:11:35 -07:00 |
|
Teddy Reed
|
b427310241
|
deps: Rebuild the world, static and hidden (#3299)
|
2017-05-21 10:59:19 -07:00 |
|
Teddy Reed
|
8f07e1df23
|
database: Simplify database reset logic and locking (#3298)
|
2017-05-20 00:00:27 -07:00 |
|
lxcode
|
017fc1d33c
|
FreeBSD: fix patchlevel reporting (#3291)
|
2017-05-19 10:43:41 -07:00 |
|
lxcode
|
523fa01b21
|
Fix sudoers path on FreeBSD, add fields to os_version (#3286)
|
2017-05-16 11:59:49 -07:00 |
|
Teddy Reed
|
fb287745c6
|
linux: Use lld and ThinLTO on Linux (#3284)
|
2017-05-14 14:23:50 -07:00 |
|
Teddy Reed
|
fd882396e0
|
Use ThinLTO with LTO cache on Darwin (#3282)
|
2017-05-13 15:44:40 -07:00 |
|
Teddy Reed
|
127737bf0c
|
darwin: Fix FreeBSD genapi, ASL warnings (#3280)
|
2017-05-12 16:38:16 -07:00 |
|
lxcode
|
9b803d78d7
|
FreeBSD: Fix os_version, add pkgng package table (#3278)
|
2017-05-12 14:11:01 -07:00 |
|
Teddy Reed
|
2e6947642a
|
logger: Relay status logs to the enabled log sinks (#3275)
|
2017-05-11 21:08:14 -07:00 |
|
Nick Anderson
|
9b29f71c51
|
Removing permissive builds on posix (#3277)
|
2017-05-11 18:40:26 -07:00 |
|
Nick Anderson
|
95d916e24b
|
[Fix #3268] extensions autoload now correctly spawns extension processes (#3269)
|
2017-05-11 16:51:48 -07:00 |
|
Nick Anderson
|
777801e2a4
|
Fixing permissive ref issue (#3266)
|
2017-05-11 16:47:05 -07:00 |
|
ryanheffernan
|
46f7f287d2
|
Adding deleter for unique_ptrs using mallocs (#3273)
|
2017-05-11 16:46:25 -07:00 |
|
ryanheffernan
|
c279342226
|
Allow querying Windows Registry by 'path' column (#3270)
|
2017-05-11 10:29:59 -07:00 |
|
Seshu Pasam
|
920a4b5194
|
[Fix 2956] augeas table returns no data. (#3260)
|
2017-05-11 00:00:34 -07:00 |
|
Teddy Reed
|
e8c39c5572
|
hashing: Add sha1, sha256, md5 functions (#3267)
|
2017-05-09 23:55:49 -07:00 |
|
ryanheffernan
|
b54504ef16
|
Refactoring Windows registry table to use unique_pr and return status on failure (#3228)
|
2017-05-08 10:42:44 -07:00 |
|
Dan Sedlacek
|
1413008642
|
[fix #3257] report proper routes for 0.0.0.0 (#3259)
|
2017-05-08 01:44:42 -07:00 |
|
Nick Anderson
|
8fdb0a6945
|
Adding distributed workid to carver (#3252)
|
2017-05-05 15:14:21 -07:00 |
|
Seshu Pasam
|
4cfb31452c
|
Docker support (#3241)
|
2017-05-05 09:53:12 -07:00 |
|
Nick Anderson
|
04dbbebeac
|
[Fix 3249] Addressing permissive build fail (#3250)
|
2017-05-04 23:33:32 -07:00 |
|
Teddy Reed
|
582ab52e8f
|
build: Remove SYSTEMD and _BASED logic (#3245)
|
2017-05-03 22:28:33 -07:00 |
|
lxcode
|
9482220bf0
|
Make sysctls work on FreeBSD (#3242)
|
2017-05-02 18:25:25 -07:00 |
|
Teddy Reed
|
bc13431394
|
freebsd: Fix tests and additional_tests (process, config) (#3239)
|
2017-04-29 19:53:53 -07:00 |
|
Teddy Reed
|
6496c2eef7
|
database: Remove SKIP_ROCKSDB build option (#3235)
|
2017-04-28 17:48:45 -07:00 |
|
Teddy Reed
|
4372785d5d
|
Refactor build logic to allow optional: yara, tsk, lldpd (#3226)
|
2017-04-28 13:45:41 -07:00 |
|
ryanheffernan
|
0458abc453
|
Split Startup items 'path' column into 'path' and 'args'
|
2017-04-27 23:56:08 -04:00 |
|
lxcode
|
03a9798b7e
|
FreeBSD: add functional routes.cpp, unblacklist modules (#3225)
|
2017-04-27 16:34:31 -07:00 |
|
Teddy Reed
|
e52f85f95e
|
database: Move r/w reset lock for extensions (#3219)
|
2017-04-27 00:55:02 -07:00 |
|
Robin Breathe
|
cbc34c44fe
|
Darwin: Add channel column to wifi_status and wifi_survey tables (#3221)
|
2017-04-26 14:41:24 -07:00 |
|
ryanheffernan
|
62dda71321
|
Refactor Windows Service Table to use std::unique_ptr (#3203)
|
2017-04-24 12:16:10 -07:00 |
|
Teddy Reed
|
ca8a919602
|
database: Fix TSAN-detected reset lock inversion (#3207)
|
2017-04-24 07:51:05 -07:00 |
|
Teddy Reed
|
66c177945e
|
logger: Require an open DB for status logs (#3205)
|
2017-04-23 13:16:12 -07:00 |
|
Teddy Reed
|
8b58e13733
|
rpm: Improve librpm safety (#3200)
|
2017-04-23 12:36:39 -07:00 |
|
Teddy Reed
|
65ef94f053
|
logger: Fixes to allow plugins access to hostIDs (#3197)
|
2017-04-22 18:24:25 -07:00 |
|
Teddy Reed
|
0374fde651
|
[Fix #3194] Remove qualified name from parseEvent declaration (#3198)
|
2017-04-22 18:16:20 -07:00 |
|
Gregory Heimbuecher
|
c5fd96cdf3
|
Fix #2838: Adds the event_taps table to Darwin (#3188)
|
2017-04-21 15:55:12 -07:00 |
|
Grigoriy Chudnov
|
e3a2445480
|
Add database init retry (#3179)
|
2017-04-21 15:32:40 -07:00 |
|
Teddy Reed
|
e817f3919e
|
Add hardware_disabled_types flag to control hardware_events (#3190)
|
2017-04-21 11:14:35 -07:00 |
|
Mitchell Grenier
|
d5f002d447
|
Adding a table for Time Machine Backup Destinations (#3177)
|
2017-04-20 19:15:29 -07:00 |
|
Mitchell Grenier
|
8474cf640b
|
Drop permissions properly on Linux (#3187)
|
2017-04-20 19:02:09 -07:00 |
|
Nick Anderson
|
13524f8833
|
Adding file carving feature to osquery (#3038)
|
2017-04-20 19:00:26 -07:00 |
|
Dan Sedlacek
|
13aef1fb73
|
Windows Network Routes (#3040)
|
2017-04-19 20:03:20 -07:00 |
|
Nick Anderson
|
e3ebc47498
|
Grabbing additional data fields for windows event logs (#3183)
|
2017-04-19 16:09:49 -07:00 |
|
Nick Anderson
|
6ba48afef6
|
Adding support for quote wrapped windows event channels (#3175)
|
2017-04-19 09:18:44 -07:00 |
|
tpott
|
17ab40db51
|
Add specified identifier via GFlags (#3165)
|
2017-04-18 22:30:55 -07:00 |
|
Nick Anderson
|
318dfe2d0d
|
Fixing stringToWstring crashes with wide character strings (#3170)
|
2017-04-18 09:25:30 -07:00 |
|
Nick Anderson
|
352b43a4d5
|
Adding bounds checks and key checks for appcompat shims table (#3169)
|
2017-04-16 16:14:17 -07:00 |
|
Teddy Reed
|
90078f15ea
|
events: Add hidden EID to all events tables (#3159)
|
2017-04-14 08:20:20 -07:00 |
|
Nick Anderson
|
6a90db47be
|
Adding the Windows Scheduled Tasks virtual table (#3153)
|
2017-04-13 07:53:49 -07:00 |
|
Teddy Reed
|
b3ee6c9a8d
|
tables: Fix table metadata when constraints are used (#3151)
|
2017-04-12 21:48:28 -07:00 |
|
Teddy Reed
|
649afcfff1
|
events: Use generator-tables for event subscribers (#3150)
|
2017-04-12 21:45:41 -07:00 |
|
Teddy Reed
|
c5e6db36eb
|
events: Use poll instead of select for audit and udev (#3158)
|
2017-04-12 16:10:11 -07:00 |
|
Teddy Reed
|
5fd11260ad
|
inotify: Use poll over select in inotify publisher (#3157)
|
2017-04-12 16:09:48 -07:00 |
|
Teddy Reed
|
ae4cb0ba28
|
extensions: Catch Thrift transport close exception (#3160)
|
2017-04-10 22:37:56 -07:00 |
|
Teddy Reed
|
67440ab101
|
tests: Rewrite and add filesystem tests (#3156)
|
2017-04-10 21:32:16 -07:00 |
|
yying
|
31b78cb996
|
Adding hostIdentifier, calendarTime, unixTime to status logging (#3146)
|
2017-04-10 11:56:23 -07:00 |
|
Teddy Reed
|
201fbc6707
|
extensions: Improve extensions and interface headers (#3154)
|
2017-04-10 08:59:06 -07:00 |
|
Teddy Reed
|
76fe5d748c
|
logging: Allow Glog reentrancy (#3142)
|
2017-04-06 15:57:44 -07:00 |
|
ryanheffernan
|
d1a191cbd2
|
Adding 32-bit Items to Windows startup_info table (#3144)
|
2017-04-06 14:46:05 -07:00 |
|
Teddy Reed
|
7fdbfe2a77
|
freebsd: Link rocksdb-lite (#3141)
|
2017-04-05 16:46:04 -07:00 |
|
ryanheffernan
|
f32ceb306b
|
Adding Windows Startup Info Table (#3137)
|
2017-04-05 15:14:28 -07:00 |
|
ryanheffernan
|
da427ab6c0
|
[Fix #3138] Adding index on 'key' column of Windows Registry table (#3139)
|
2017-04-05 13:02:36 -06:00 |
|
Teddy Reed
|
23f2c3a4ff
|
remote: Fix output size for TLS compression (#3133)
|
2017-04-04 18:48:31 -07:00 |
|
ryanheffernan
|
c91b905091
|
Allowing OR clause in registry virtual table (#3136)
|
2017-04-04 15:43:06 -07:00 |
|
yying
|
20f8e6cd5a
|
Adding Status Logging to AWS Kinesis/Firehose Logger Plugins (#3115)
|
2017-04-04 09:54:56 -07:00 |
|
ryanheffernan
|
5d6ea77efd
|
[Fix #3129] Check malloc result for WEL XML buffer before calling EvtRender (#3130)
|
2017-04-04 09:52:29 -07:00 |
|
Teddy Reed
|
c24603d8c9
|
logger: Add logger_min_status and disable stderr with stdout (#3131)
|
2017-04-04 08:12:26 -07:00 |
|
Teddy Reed
|
ed2a6b2b6c
|
deps: Update thrift to 0.10.0 (#3127)
|
2017-04-03 00:06:22 -07:00 |
|
Teddy Reed
|
cea8da9829
|
freebsd: Add lldpd to dependencies (#3124)
|
2017-04-02 13:04:10 -07:00 |
|
Teddy Reed
|
e330203e9d
|
Remove enable_monitor flag functions (#3123)
|
2017-04-01 23:05:45 -07:00 |
|
Teddy Reed
|
7b6e4c7a27
|
audit: Optimize user_events and add auid (#3120)
|
2017-03-31 08:30:45 -07:00 |
|
Allan Liu
|
1555989cd2
|
prometheus_metrics: exposed request timeout configuration (#3113)
|
2017-03-31 07:54:34 -07:00 |
|
yying
|
5bbff29387
|
Locking issue with osquery::resetDatabase (#3116)
|
2017-03-30 09:34:31 -07:00 |
|
ryanheffernan
|
fdf07f590f
|
Adding Globbing Support for Windows Registry Table (#3100)
|
2017-03-28 18:17:46 -07:00 |
|
Teddy Reed
|
e9500c218c
|
freebsd: Update provision script for CI (#3112)
|
2017-03-26 23:53:06 -07:00 |
|
Teddy Reed
|
0ac90e75fa
|
extensions: shell: Check for socket path ownership (#3109)
|
2017-03-26 21:24:24 -07:00 |
|
Teddy Reed
|
0eddc3e613
|
tables: Add macOS python2.7 frameworks (#3108)
|
2017-03-26 19:44:23 -07:00 |
|
Teddy Reed
|
396201b2fb
|
extensions: No not use noverbose in autoloading (#3107)
|
2017-03-26 19:43:50 -07:00 |
|
Rubab-Syed
|
92e545e6bf
|
Python packages (#3089)
|
2017-03-26 00:03:10 -07:00 |
|
Teddy Reed
|
345c511a61
|
hash: Only return hashes for files hashed (#3106)
|
2017-03-25 18:03:21 -07:00 |
|
Allan Liu
|
f7747726b8
|
pci_devices: unique_ptr wrapper for udev pointers (#3094)
|
2017-03-24 19:10:55 -07:00 |
|
Teddy Reed
|
f6f9480874
|
extensions: Preserve environment in auto-loaded extensions (#3101)
|
2017-03-24 18:47:23 -07:00 |
|
ryanheffernan
|
995648f337
|
[Fix #3097] Fixing Crash when sanitizing REG_NONE types from Windows Registry (#3098)
|
2017-03-24 18:46:01 -07:00 |
|
Nick Anderson
|
198ee7ab89
|
Change users table to query from registry instead of WMI (#3095)
|
2017-03-23 09:18:06 -07:00 |
|
Teddy Reed
|
bc85f726ad
|
events: Execute schedule before expiring (#3091)
|
2017-03-21 12:38:04 -07:00 |
|
Teddy Reed
|
c36a6253b5
|
packs: Run centos and ubuntu platforms on all Linux (#3088)
|
2017-03-21 01:11:57 -07:00 |
|
Teddy Reed
|
69bb69fd6d
|
events: Inspect schedule and improve tests (#3087)
|
2017-03-20 22:03:09 -07:00 |
|
Nick Anderson
|
05c32bf9ad
|
Adding a warning when read surpasses limits in hash table (#3090)
|
2017-03-20 10:31:55 -07:00 |
|
Teddy Reed
|
43eddc0bf3
|
watcher: Set default memory limit to 200M (#3086)
|
2017-03-18 16:38:47 -07:00 |
|