Commit Graph

1639 Commits

Author SHA1 Message Date
Mitchell Grenier
c47790d87d Creating interfaces for remote logging
First draft of the enrollment plugin and part of the config plugin.

Please comment on potential structure and functionality.

The way it's designed to work is this:
Both the config and logger plugins will call the enroll getKey function. getKey
is in charge of maintaining the state of having a key and doing the enrollment.

If enroll has a key, then it will instantly return, doing no HTTP requests. If it
doesn't, then it will try a few times to get a key. If it's not successful, it
fails and returns an empty string; if it succeeds, then it will return the
client enrollment key for the requester to use.
2015-04-17 14:48:46 -07:00
Mike Arpaia
af0caac22c Merge pull request #984 from marpaia/requests
Request template classes
2015-04-13 11:33:25 -07:00
mike@arpaia.co
233f672655 Request template classes
As discussed in the comments of #961. Included is an HTTP transport
(which works for HTTPS also) and a JSON serializer.
2015-04-13 10:32:56 -07:00
Teddy Reed
739d91c361 Performance linting 2015-04-11 19:50:35 -07:00
Teddy Reed
e1f0106710 Various fixes, checks 2015-04-11 15:57:12 -07:00
Teddy Reed
a8ced9a647 Merge pull request #977 from theopolis/process_parsing
[Fix #968] Refactor launchd
2015-04-11 14:18:58 -07:00
Mike Arpaia
0745017233 missing quote in docs 2015-04-10 23:31:10 -07:00
Mike Arpaia
5cebb95134 Merge pull request #979 from theopolis/fast_shell_query
Skip event publishers when a single query is used
2015-04-10 23:03:51 -07:00
Mike Arpaia
43cd956c99 Merge pull request #978 from theopolis/no_thrift_php
Remove php from thrift provision
2015-04-10 23:02:54 -07:00
Teddy Reed
54af369702 [Fix #968] Refactor launchd 2015-04-10 18:04:26 -07:00
Teddy Reed
aaecffa096 Skip event publishers when a single query is used 2015-04-10 17:37:49 -07:00
Teddy Reed
4a299c1fac Remove php from thrift provision
The only thrift bindings we need for osquery are cpp/python.
Python is used for the integration tests.
2015-04-10 17:15:31 -07:00
Mike Arpaia
4a9600d8a1 Merge pull request #967 from jedi22/better_extended
Better extended attributes
2015-04-10 16:09:18 -07:00
Mike Arpaia
5ebd757318 Merge pull request #976 from theopolis/tsk
Documentation updates
2015-04-10 16:09:05 -07:00
Teddy Reed
e69f72cd56 Documentation updates 2015-04-10 14:31:34 -07:00
Mitchell Grenier
41283223af Better extended attributes
For the second time in a couple of weeks, I've rewritten the xattr table into
a new extended_attributes table.

If we find an attribute that we don't have a parser for, we will check if it
contains non-printable characters. If it does, we'll base64 it. If it doesn't,
we will just output the unencoded string.
2015-04-10 13:17:22 -07:00
mike@arpaia.co
159899a303 Update patent grant 2015-04-10 11:49:33 -07:00
mike@arpaia.co
dfbc4a2239 making the readme's queries more consistent 2015-04-09 23:17:27 -07:00
Teddy Reed
31ab39ff6a Update wiki pages to use RTD
Deprecate README links to github wiki pages, use RTD links instead.
Update osquery.io http links to https.
2015-04-09 22:37:00 -07:00
Teddy Reed
36479bbaf6 Merge pull request #970 from theopolis/osx_managed_configuration
[Implement #879] Add managed_policies to OS X
2015-04-09 12:14:50 -07:00
Teddy Reed
dc7cf9cf59 [Implement #879] Add managed_policies to OS X 2015-04-08 21:38:56 -07:00
Teddy Reed
ea96a9d046 Merge pull request #963 from theopolis/os_version
[Fix #962] Add OS name and friendly version
2015-04-08 21:32:49 -07:00
Teddy Reed
d30455893f Merge pull request #941 from theopolis/rhel_fun
[Implement #926] RHEL6 provisioning
2015-04-08 14:37:48 -07:00
Teddy Reed
1305a2764a [Fix #964] Restrict apt-sources to arch=amd64 2015-04-08 14:13:01 -07:00
Teddy Reed
8b2dd5e328 [Fix #962] Add OS name and friendly version 2015-04-08 07:33:17 -07:00
Javier Marcos
f97ca38743 Merge pull request #960 from facebook/safari_into_internet_plugins
Renaming safari_plugins table to browser_plugins
2015-04-07 14:49:46 -07:00
Javier Marcos
dee0bd683e Renaming safari_plugins table to browser_plugins 2015-04-07 14:26:00 -07:00
Teddy Reed
75f4d6548d [Fix #953] Check sqlite predicate expression passing 2015-04-07 01:20:05 -07:00
Teddy Reed
78ec6fb305 Merge pull request #956 from sharvilshah/bug/etc_hosts_comment_parsing
[Fix #955] Fix etc_hosts hostname parsing so that inline comments are now ignored
2015-04-07 00:27:58 -07:00
Teddy Reed
5d061e7ff8 Merge pull request #947 from theopolis/update_readme_table
Update readme table
2015-04-07 00:07:05 -07:00
Teddy Reed
41ce00e573 RHEL6 provisioning 2015-04-06 23:43:01 -07:00
Sharvil Shah
e7a3d24ece Fix etc_hosts hostname parsing so that inline comments are now ignored; update tests 2015-04-06 23:32:56 -07:00
Teddy Reed
f3c875fe5d Merge pull request #951 from wxsBSD/doc_fixes
Remove MATCHES from docs.
2015-04-06 21:25:47 -07:00
Wesley Shields
c2c6dbd216 Remove MATCHES from docs.
This is not a valid ConstraintOperator.
2015-04-06 20:43:56 -04:00
Mitchell Grenier
8da5f34486 Merge pull request #950 from jedi22/config_folder_fix
[Fix #945] Fix crashes from bad JSON
2015-04-06 16:28:32 -07:00
Mitchell Grenier
f5b7f921d3 Fixing crashes from bad JSON
There are a couple places where this was an issue.

The first place was in the filesystem plugin where it was only checked that it
existed, and not that it was an actual file.

The second was a lack of try and catch on the parse call in config.cpp.

Both of those issues are addressed in this diff.
2015-04-06 16:00:26 -07:00
Mitchell Grenier
1455b66dd0 Merge pull request #949 from jedi22/file_changes_paths_single_file_fix
[Fix #948] Absolute paths in wildcard resolution
2015-04-06 15:48:51 -07:00
Mitchell Grenier
a6a8cc596b Fixed a bug that would prevent single files from showing up in wildcard resolutions 2015-04-06 15:21:17 -07:00
Teddy Reed
a94bff9ebf Merge pull request #946 from theopolis/master
Add some osquery-theme to API docs
2015-04-06 10:56:13 -07:00
Teddy Reed
f1f8c57e6c Update readme table 2015-04-06 01:34:39 -07:00
Teddy Reed
2df9a6558e Add some osquery-theme to API docs 2015-04-06 01:21:10 -07:00
Teddy Reed
a38b1d3f30 Merge pull request #935 from theopolis/more_prov
Update provision.sh and os-specific deps
2015-04-04 16:48:21 -07:00
Teddy Reed
e87ab14246 Update provision.sh and os-specific deps
Remove some repeated or unused conditionals.
Make sure autoconf is at least version 2.69.
2015-04-04 16:15:40 -07:00
Teddy Reed
3b40140eaa Merge pull request #922 from theopolis/events_time
Fix event subscriber time
2015-04-04 15:00:32 -07:00
Teddy Reed
090f7e71f1 Fix event subscriber time 2015-04-04 13:28:45 -07:00
Mike Arpaia
367d695d77 Merge pull request #938 from facebook/theopolis-patch-1
[Fix #937] Return non-0 for status
2015-04-04 00:12:52 -07:00
Mike Arpaia
91e70d1df3 Merge pull request #928 from theopolis/config_check_pp
[#915] Skip daemon initialization if checking config
2015-04-04 00:12:12 -07:00
Javier Marcos
a46c852746 Merge pull request #936 from facebook/building_rhel6
Support for RHEL building
2015-04-03 18:14:10 -07:00
Javier Marcos
d4a0f6cf56 Fixing ubuntu FINALLY 2015-04-03 17:38:39 -07:00
Javier Marcos
49758bb13f Fix broken ubuntus, oops again 2015-04-03 17:24:18 -07:00