valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 02:18:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
808 Commits 2 Branches 109 Tags 25 MiB
ba248752d8
Commit Graph

808 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Teddy Reed
c5bee50fdf Merge pull request #337 from theopolis/feature-pci_devices_vtable 
Fixes merge conflict for #307. pci_devices virtual table for Linux
 2014-11-02 20:22:55 -08:00
Akshay Dixit
c99c08c607 changed comments to // from /* , char* to std::string consts, and ran clang-format on the file 2014-11-02 21:09:04 -07:00
Akshay Dixit
cb1bf1c305 cleaned up pci_devices.cpp 2014-11-02 21:09:04 -07:00
Akshay Dixit
6c418507e6 renamed lspci to pci_devices and specified it linux only 2014-11-02 21:09:04 -07:00
Akshay Dixit
afd9d5e160 changed lspci to be a linux only virtual table, and added udev dependency to provisions.sh 2014-11-02 21:07:35 -07:00
Akshay Dixit
7896e7f78e added lspci virtual table and libudev dependencies 2014-11-02 21:03:43 -07:00
Teddy Reed
1abbe7478a Merge pull request #332 from vmauge/depends_gentable 
Add dependency to gentable.py
 2014-11-02 17:50:07 -08:00
Teddy Reed
14cf7d136a Merge pull request #331 from facebook/feature-osqueryi-flags 
Fix #328, add gflags defines for shell-internal flags
 2014-11-02 17:47:52 -08:00
Vincent Mauge
b18dcaa7cb Add dependency to gentable.py 
With this commit, a change to gentable.py will trigger
the regeneration of cpp code for each table.
 2014-11-02 17:00:47 -08:00
Teddy Reed
24b7be320c Fix #328, add gflags defines for shell-internal flags 2014-11-02 15:40:35 -08:00
Teddy Reed
7029c72e5a Merge pull request #326 from facebook/feature-git-clang-format 
Change make format to use git-clang-format
 2014-11-02 12:36:20 -08:00
Teddy Reed
422cdbb3e9 Change make format to use git-clang-format 2014-11-02 11:30:56 -08:00
Teddy Reed
bb7f8b6519 Bump, change mode on provision 2014-11-02 02:07:29 -08:00
Teddy Reed
37b8336a1f Silence parentheses warnings in linux/mounts 2014-11-02 01:42:04 -08:00
Teddy Reed
287bbc06a8 Merge pull request #316 from LTD-Beget/mounts 
Mounts table for linux
 2014-11-02 01:37:00 -08:00
Teddy Reed
a98c7b1252 Add rpm-devel to centos deps 2014-11-02 01:33:11 -08:00
Mike Arpaia
115cc43105 Merge pull request #321 from larzconwell/install-lib-include 
Closes #319, Install libraries and headers.
 2014-11-01 22:05:18 -07:00
Larz Conwell
a0d7533c96 Closes #319, Install libraries and headers. 2014-11-02 00:08:11 -04:00
Alexander Polyakov apolyakov@beget.ru
fd5ed3bc19 Rename dir to path 2014-11-02 01:09:24 +03:00
Alexander Polyakov apolyakov@beget.ru
fa81e54e27 Fix indentation, no functional change 2014-11-02 00:36:56 +03:00
Alexander Polyakov
58716d6cfa Mounts table for linux 2014-11-01 16:12:56 +03:00
Mike Arpaia
77d4777eed Merge pull request #262 from facebook/rpmstuff 
RPM Package Listing - In Progress
 2014-11-01 00:24:03 -07:00
Teddy Reed
eb240ac527 RPM table and more robust Linux building 2014-10-31 21:59:10 -07:00
Mike Arpaia
f29b5aa45a Merge pull request #311 from deniszh/master 
Fixing number of cores detection for boost builds
 2014-10-31 18:52:55 -07:00
James Pearce
9060f57d64 bump 2014-10-31 17:50:02 -07:00
castrapel
2557bac3d4 RPM Package listing is now working 2014-10-31 16:52:58 -07:00
castrapel
a51f97871f Adding RPM functionality for CentOS packages (Not working in EL6 due to older rpm-devel) 2014-10-31 16:52:58 -07:00
Teddy Reed
fd8f5782ab Merge pull request #308 from facebook/lsof 
Darwin lsof
 2014-10-31 16:32:30 -07:00
Mark Roberts
675dc308b9 Fix possible errors with getProcPath and getProcName 2014-10-31 16:07:09 -07:00
Mike Arpaia
fba9d1143b Merge pull request #310 from facebook/quarantine 
Add quarantine vtable for OSX
 2014-10-31 15:35:47 -07:00
Pablo S. Torralba
42c73897bf Some minor stetic changes to keep the code clean 2014-10-31 14:27:15 -07:00
Mark Roberts
534999b396 Whitespace 2014-10-31 13:49:25 -07:00
Pablo S. Torralba
366274504b Feedback fixes to clean the code a bit 2014-10-31 13:44:00 -07:00
Teddy Reed
8ad192d448 Merge pull request #312 from facebook/pretty_print_cols 
Fix 301, pragma cols pretty print
 2014-10-31 11:36:02 -07:00
Mark Roberts
f38bcd390e Add file_type to process_open_files 2014-10-31 11:13:35 -07:00
Denis Zhdanov
8e1b499b18 No, reverting back to getconf _NPROCESSORS_ONLN 
much simplier
 2014-10-31 18:31:06 +01:00
Denis Zhdanov
0539746a9b Update provision.sh 
Hm, jenkins do not likes getconf _NPROCESSORS_ONLN
trying more complex
$([[ $(uname) = 'Darwin' ]] && sysctl -n hw.logicalcpu_max || lscpu -p | egrep -v '^#' | wc -l)
 2014-10-31 18:22:03 +01:00
Teddy Reed
0604b3a5e0 Fix 301, pragma cols pretty print 2014-10-31 10:19:49 -07:00
Denis Zhdanov
a2863efce1 Fixing number of cores detection for boost builds 
This way of cores detection:
```bash
cat /proc/cpuinfo | grep "cpu cores" | uniq | awk '{print $NF}'
```
is cumbersome and didn't work in some cases, e.g. for VM on VirtualBox with one CPU.
It's much better to use something else, e.g.
```bash
getconf _NPROCESSORS_ONLN
```
as stated in
https://stackoverflow.com/questions/6481005/obtain-the-number-of-cpus-cores-in-linux
```nproc``` also works well but didn't compatible with MacOS X.
 2014-10-31 18:04:55 +01:00
Pablo S. Torralba
a6e04efdd7 Add quarantine vtable for OSX 
The tables reports:
- path: The file in quarantine
- creator: The application that created the file

Example:
osquery> select * from quarantine limit 10;

+----------------------------------------------------------------------------+---------------+
| path                                                                       | creator       |
+----------------------------------------------------------------------------+---------------+
| /Applications/Adium.app                                                    | Google Chrome |
| /Applications/Adium.app/Contents                                           | Google Chrome |
| /Applications/Adium.app/Contents/_CodeSignature                            | Google Chrome |
| /Applications/Adium.app/Contents/_CodeSignature/CodeResources              | Google Chrome |
| /Applications/Adium.app/Contents/Frameworks                                | Google Chrome |
| /Applications/Adium.app/Contents/Frameworks/Adium.framework                | Google Chrome |
| /Applications/Adium.app/Contents/Frameworks/Adium.framework/Adium          | Google Chrome |
| /Applications/Adium.app/Contents/Frameworks/Adium.framework/Headers        | Google Chrome |
| /Applications/Adium.app/Contents/Frameworks/Adium.framework/PrivateHeaders | Google Chrome |
| /Applications/Adium.app/Contents/Frameworks/Adium.framework/Resources      | Google Chrome |
+----------------------------------------------------------------------------+---------------+

Fixes issue #231
 2014-10-31 06:10:51 -07:00
Mark Roberts
3cf5aa4bae Add lsof for #28 functionality to Darwin, refactor to use shared infra for process_envs 2014-10-31 03:28:14 -07:00
Teddy Reed
cdb5b29bda Merge pull request #303 from facebook/pretty_print_ptrs 
Fix memset/memcpy for pretty print in osqueryi
 2014-10-30 22:34:25 -07:00
Teddy Reed
bcca0824b0 Fix memset/memcpy for pretty print in osqueryi 2014-10-30 18:07:32 -07:00
Teddy Reed
fb81f9bedd Merge pull request #300 from facebook/results_log_perms 
Fix #290, add permissions to osqueryd logging
 2014-10-30 16:44:18 -07:00
Teddy Reed
1554bf3295 Fix #290, add permissions to osqueryd logging 2014-10-30 15:03:05 -07:00
Teddy Reed
8cab68d2a3 Merge pull request #299 from facebook/fix_quotedsource 
Fix #281, quote SOURCE_DIR for source and pip
 2014-10-30 14:32:56 -07:00
Teddy Reed
5e15cd0b28 Fix #281, quote SOURCE_DIR for source and pip 2014-10-30 13:03:07 -07:00
Mike Arpaia
731e1c72ab Merge pull request #296 from rjeczalik/master 
Install libunwind8-dev for Ubuntu 14.10
 2014-10-30 11:54:36 -07:00
Teddy Reed
403fe28ee0 Merge pull request #295 from yetanotherhacker/spellfix 
Spelling fixes in comments and output.
 2014-10-30 11:28:08 -07:00
Rafal Jeczalik
cf959cfc4f Install libunwind8-dev for Ubuntu 14.10 2014-10-30 10:37:32 +01:00