valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 18:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
214 Commits 2 Branches 109 Tags 25 MiB
c72d069689
Commit Graph

87 Commits

Author SHA1 Message Date
mike@arpaia.co
c72d069689 vagrant and make deps on linux 2014-09-08 19:24:23 -07:00
Teddy Reed
7e470747b4 Moving sublibs to single libosquery 2014-09-08 01:58:29 -07:00
Teddy Reed
e23e7bdab8 Merge pull request #102 from facebook/linux-build 
Changes for Linux (Ubuntu 14.04) build
 2014-09-05 14:52:35 -07:00
Teddy Reed
4ffd184eaf Changes for Linux (Ubuntu 14.04) build 2014-09-05 10:58:58 -07:00
Javier Marcos
344ca31f26 Adding last virtual table 2014-09-04 16:42:18 -07:00
mike@arpaia.co
66a2a6fdec Fix performance issue with the disk serializer 
This is the issue noted in #76. Keeping all historical results of
queries in the HistoricalQueryResults struct makes serializing and
deserializing those structs very, very slow as time goes on. By only
storing the last execution of the query, we keep the performance
constant, but we kill the feature where osquery can rebuild timelines
without accessing logs. After talking it over, we decided that this
isn't actually that big of a deal because, if you really wanted to
rebuild the old data, you should be able to process the logs, similarly
to bin log replication in MySQL.
 2014-09-02 13:13:12 -07:00
mike@arpaia.co
2b08ba60e3 Fixing #67 
Escaping spaces in the Program field of the launchd table since it
represents a path
 2014-09-02 12:22:12 -07:00
mike@arpaia.co
c6b7c04626 Fixing #65 
The column name was misspelled in the table spec, causing the column to
look blank.
 2014-09-02 12:15:45 -07:00
mike@arpaia.co
63070a0d49 migrating project to use CMake's CTest to run unit tests 2014-09-02 11:14:21 -07:00
mike@arpaia.co
6498f45924 renaming the cacerts table to ca_certs 2014-09-01 18:46:16 -07:00
Teddy Reed
c653e0b1be [vtable_nvram] Fixing type description memory leak, and re-org 2014-09-01 18:32:49 -07:00
mike@arpaia.co
8649951fab minimum possible linkages 2014-08-30 14:29:45 -07:00
mike@arpaia.co
f174c4dbd0 enabling unit tests for tables 2014-08-30 14:26:24 -07:00
mike@arpaia.co
2e5810ae9a proper ordering in tables/CMakeLists.txt 2014-08-30 04:28:49 -07:00
mike@arpaia.co
47bfe57272 clang-format 2014-08-30 04:06:31 -07:00
mike@arpaia.co
b1f86466e0 alphabetizing the order of sources in the tables cmake file 2014-08-30 03:46:08 -07:00
mike@arpaia.co
5b904cca26 moving the table_sources blob down to just above where it's used 2014-08-30 03:43:02 -07:00
mike@arpaia.co
dd909ed39d breaking out the implementation of os x specific virtual tables into their own cmake library 2014-08-30 03:24:35 -07:00
mike@arpaia.co
3b05ffb97d breaking out objective-c tables such that they use arc 2014-08-30 03:19:16 -07:00
mike@arpaia.co
92845146d7 re-adding all of the virtual tables that depended on performant objective-c interop 2014-08-30 03:09:04 -07:00
mike@arpaia.co
0e806eff83 Proper ARC in Objective-C++ code 2014-08-30 00:22:26 -07:00
mike@arpaia.co
bb46cd31b4 fixing a dirty memory overwrite 2014-08-29 00:24:48 -07:00
mike@arpaia.co
da7ec74840 new time virtual table. it's pretty useful to have a light weight table that doesn't leak at all which returns data that's always changing. 2014-08-28 23:15:45 -07:00
mike@arpaia.co
1da3fab7b7 fix memory leak in sqlite3_attach_tables #74 2014-08-28 21:33:44 -07:00
mike@arpaia.co
f640bc23af updating include paths in networking utils 2014-08-27 11:39:36 -07:00
mike@arpaia.co
194127bf08 more memory leak fixed 2014-08-26 16:27:33 -07:00
mike@arpaia.co
648303b1a0 CFReleasing options_dict 2014-08-26 14:58:22 -07:00
mike@arpaia.co
6279f5cb96 setting property to null in the event that the property type is unknown 2014-08-26 14:58:10 -07:00
mike@arpaia.co
df580161f8 fixing leak of pids in listening_ports.cpp 2014-08-26 14:53:56 -07:00
mike@arpaia.co
3d3271a625 kextstat allocation clarity 2014-08-26 13:34:08 -07:00
Teddy Reed
02fc4538d7 [Fix #66] Moving not_valid fields in cacerts to std string 2014-08-22 23:14:44 -07:00
Teddy Reed
f461605b94 [vtable_interfaces] Add interface_{details, addresses} vtables 2014-08-21 18:49:15 -07:00
mike@arpaia.co
c9fb930ee4 OS specific table specs directory structure 2014-08-20 01:14:20 -07:00
mike@arpaia.co
807a3617c2 Removing example table 2014-08-19 21:49:42 -07:00
Mike Arpaia
f08ab26841 Merge pull request #60 from facebook/vtable_routes 
[vtable_routes] Added vtable for various network routes
 2014-08-19 21:46:36 -07:00
Teddy Reed
42d7f982e9 [vtable_routes] Added vtable for various network routes 2014-08-19 21:39:16 -07:00
mike@arpaia.co
fbc37d9399 clang-format on objective-c++ files 2014-08-19 20:18:49 -07:00
Teddy Reed
95ceb21ec5 [vtable_listening_ports] Listening sockets, IPv4, IPv6 2014-08-19 15:25:16 -07:00
Teddy Reed
444cea0649 [vtable_cacerts] New CA certificates table. 2014-08-19 13:47:09 -07:00
mike@arpaia.co
3760e4cce5 Apple virtual table for LaunchAgents and LaunchDaemons 2014-08-15 13:46:09 -07:00
mike@arpaia.co
9973335e49 OS X virtual tables for currently installed applications 2014-08-15 12:58:19 -07:00
mike@arpaia.co
e723306c13 Ran clang-format across the codebase 2014-08-15 12:29:51 -07:00
mike@arpaia.co
f6e6629d98 fixing include path in osx_version.mm 2014-08-14 11:35:30 -07:00
Mike Arpaia
3161e8cfeb Merge pull request #48 from facebook/firewall 
Virtual table for Apple's application level firewall
 2014-08-14 11:33:53 -07:00
mike@arpaia.co
1a381e0feb Virtual tables for Apple's application level firewall 2014-08-14 11:33:20 -07:00
mike@arpaia.co
2311022e7f moving cocoa backports to core/osx 2014-08-13 23:20:58 -07:00
Mike Arpaia
5f9a24202f Merge pull request #42 from facebook/kexts 
Loaded kernel extensions vtable
 2014-08-13 11:49:48 -07:00
mike@arpaia.co
e2bd07008d [kextstat] osquery virtual table which uses the Core Foundation APIs to 
expose kernel extension information.

For information about memory managament in Core Foudnation, see:
https://developer.apple.com/library/ios/documentation/CoreFoundation/Conceptual/CFMemoryMgmt/Concepts/Ownership.html#//apple_ref/doc/uid/20001148-103029
 2014-08-13 11:48:53 -07:00
Mike Arpaia
702d53af10 Merge pull request #47 from facebook/system_version 
osx_version table which exposes the major, minor and patch version of the operating system
 2014-08-13 11:44:14 -07:00
mike@arpaia.co
b65f96d666 osx_version table which exposes the major, minor and patch version of 
the operating system
 2014-08-13 11:02:17 -07:00