Commit Graph

414 Commits

Author SHA1 Message Date
Teddy Reed
0a1925200e Clean flags usage in daemon/shell and dbhandle 2014-10-27 12:09:35 -07:00
Teddy Reed
6d50d762ce Changing flag infra, reducing config testing, adding debug macro 2014-10-27 10:30:02 -07:00
Teddy Reed
991cbdfb00 Fix permissions on DB handle 2014-10-27 10:05:08 -07:00
mike@arpaia.co
c118e7a1f8 iostream 2014-10-03 13:48:31 -07:00
mike@arpaia.co
7076aa813c SQL class for executing queries
implements #141
2014-09-26 00:28:18 -07:00
mike@arpaia.co
0387fde8b8 Adding permissions check around setting default log directory #130 2014-09-25 10:26:39 -07:00
mike@arpaia.co
4218a4c2ab cmake cleanups 2014-09-22 21:23:16 -07:00
mike@arpaia.co
9e2507409c linking tests against libosquery 2014-09-22 19:54:59 -07:00
mike@arpaia.co
1e774e50bf static build on OS X and Linux 2014-09-22 19:27:19 -07:00
mike@arpaia.co
627821abc1 Periodic clang-format 2014-09-21 14:29:28 -07:00
mike@arpaia.co
b5ee19f49f Removing the osquery::db namespace 2014-09-21 14:27:09 -07:00
mike@arpaia.co
d9edc81041 Updating the format of doxygen comment blocks 2014-09-16 00:28:23 -07:00
mike@arpaia.co
0eab76a20c refactored aggregateQuery to query 2014-09-15 23:07:03 -07:00
mike@arpaia.co
65ec7685f1 doxygenifying conversion header 2014-09-15 22:56:11 -07:00
mike@arpaia.co
7d97186a26 comments for core.h 2014-09-15 12:23:07 -07:00
mike@arpaia.co
de426754d9 moving fs to the global namespace 2014-09-15 11:47:52 -07:00
mike@arpaia.co
fb2591d82a #143 2014-09-15 11:09:33 -07:00
mike@arpaia.co
ad9b0bb5c1 Doxyfile, for docs 2014-09-13 15:18:26 -07:00
mike@arpaia.co
e838110e84 Moving header to include 2014-09-12 17:50:03 -07:00
mike@arpaia.co
073dd2d5c4 osquery thread pool
this is an implementation of a thread pool, using thrift's thread
manager class.
2014-09-12 08:18:25 -07:00
Mike Arpaia
db0f0105dd Revert "Skip tests when making 'fast'" 2014-09-09 21:37:08 -07:00
mike@arpaia.co
c9fafc00d3 using '#pragma once' instead of '#ifndef HEADER'
let's start using #pragma once for our headers. it's less lines of code,
clang supports it, headers become more movable, etc. it's all around a
better plan.
2014-09-09 18:54:53 -07:00
mike@arpaia.co
cec7b33afb removing unused header includes 2014-09-09 18:43:41 -07:00
Teddy Reed
2e150ef8a9 Skip tests when making 'fast' 2014-09-09 16:25:22 -07:00
mike@arpaia.co
df1332277d clang-format 2014-09-09 16:14:54 -07:00
mike@arpaia.co
4f2298ef33 improving the organization of command line flag parsing 2014-09-09 16:10:57 -07:00
mike@arpaia.co
4f223766fc osquery-84 override --help flag and print custom help 2014-09-09 15:35:34 -07:00
Mike Arpaia
d6699bd0fe Adding header files to CMakeLists.txt so that other build tools can perform better introspection into the codebase. 2014-09-09 10:53:59 -07:00
Teddy Reed
26e83f8ee9 Merging for linux build and libosquery compiling options 2014-09-08 17:17:30 -07:00
Teddy Reed
7e470747b4 Moving sublibs to single libosquery 2014-09-08 01:58:29 -07:00
mike@arpaia.co
7d387ec605 status default constructor 2014-09-06 03:41:10 -07:00
Teddy Reed
4ffd184eaf Changes for Linux (Ubuntu 14.04) build 2014-09-05 10:58:58 -07:00
mike@arpaia.co
66a2a6fdec Fix performance issue with the disk serializer
This is the issue noted in #76. Keeping all historical results of
queries in the HistoricalQueryResults struct makes serializing and
deserializing those structs very, very slow as time goes on. By only
storing the last execution of the query, we keep the performance
constant, but we kill the feature where osquery can rebuild timelines
without accessing logs. After talking it over, we decided that this
isn't actually that big of a deal because, if you really wanted to
rebuild the old data, you should be able to process the logs, similarly
to bin log replication in MySQL.
2014-09-02 13:13:12 -07:00
mike@arpaia.co
63070a0d49 migrating project to use CMake's CTest to run unit tests 2014-09-02 11:14:21 -07:00
mike@arpaia.co
303e73e9ba Log files to disk close #78 2014-09-01 17:13:04 -07:00
mike@arpaia.co
47bfe57272 clang-format 2014-08-30 04:06:31 -07:00
mike@arpaia.co
b7f9ecc6e1 add an extra char for the \0 2014-08-30 03:53:32 -07:00
mike@arpaia.co
d2b96401a4 was closing the db in the middle of the loop instead of after it, causing subsequent queries to fail 2014-08-30 03:49:49 -07:00
mike@arpaia.co
1ff68cabf3 making sure the db is closed in sqlite_util_tests 2014-08-30 03:07:14 -07:00
mike@arpaia.co
0e806eff83 Proper ARC in Objective-C++ code 2014-08-30 00:22:26 -07:00
mike@arpaia.co
15519b348e Adding LaunchDaemon and flagfile to the repo/package 2014-08-26 11:26:52 -07:00
mike@arpaia.co
fbc37d9399 clang-format on objective-c++ files 2014-08-19 20:18:49 -07:00
Teddy Reed
444cea0649 [vtable_cacerts] New CA certificates table. 2014-08-19 13:47:09 -07:00
mike@arpaia.co
3760e4cce5 Apple virtual table for LaunchAgents and LaunchDaemons 2014-08-15 13:46:09 -07:00
mike@arpaia.co
9973335e49 OS X virtual tables for currently installed applications 2014-08-15 12:58:19 -07:00
mike@arpaia.co
e723306c13 Ran clang-format across the codebase 2014-08-15 12:29:51 -07:00
Mike Arpaia
3161e8cfeb Merge pull request #48 from facebook/firewall
Virtual table for Apple's application level firewall
2014-08-14 11:33:53 -07:00
mike@arpaia.co
1a381e0feb Virtual tables for Apple's application level firewall 2014-08-14 11:33:20 -07:00
mike@arpaia.co
2311022e7f moving cocoa backports to core/osx 2014-08-13 23:20:58 -07:00
Mike Arpaia
5f9a24202f Merge pull request #42 from facebook/kexts
Loaded kernel extensions vtable
2014-08-13 11:49:48 -07:00
mike@arpaia.co
e2bd07008d [kextstat] osquery virtual table which uses the Core Foundation APIs to
expose kernel extension information.

For information about memory management in Core Foundation, see:
https://developer.apple.com/library/ios/documentation/CoreFoundation/Conceptual/CFMemoryMgmt/Concepts/Ownership.html#//apple_ref/doc/uid/20001148-103029
2014-08-13 11:48:53 -07:00
mike@arpaia.co
3b85618ae0 property list parsing with native C++ data types 2014-08-13 11:00:28 -07:00
mike@arpaia.co
7a56756073 moving sqlite to third-party 2014-08-11 17:37:49 -07:00
mike@arpaia.co
9a9ae03506 renaming CMakeLists.txt 2014-08-10 02:07:15 -07:00
mike@arpaia.co
7d9dc341ce getting rid of bind1st and relevant headers 2014-08-06 16:24:44 -07:00
mike@arpaia.co
21afc0b75b raw string literals in etc_hosts test content 2014-08-06 16:08:16 -07:00
mike@arpaia.co
4bec86c534 zwass' comment on etc_host table 2014-08-06 15:55:46 -07:00
mike@arpaia.co
1a114c4f18 bug fixes 2014-08-05 17:42:24 -07:00
mike@arpaia.co
7b3de7a3eb implementation for /etc/hosts vtable 2014-08-05 17:42:24 -07:00
mike@arpaia.co
0c1e7de598 virtual table structure for #25, the /etc/hosts vtable 2014-08-05 17:42:24 -07:00
mike@arpaia.co
7c81d42de5 reordering includes in cpp files 2014-08-05 17:37:04 -07:00
mike@arpaia.co
ec30260f37 core/status to status and header cleanup 2014-08-05 16:13:55 -07:00
mike@arpaia.co
f7a88ad771 automatic table loading 2014-08-05 01:21:28 -07:00
mike@arpaia.co
73a32b7294 Initial commit 2014-07-30 17:35:19 -07:00