valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-06 09:35:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,892 Commits 2 Branches 109 Tags 25 MiB
c7355b19aa
Commit Graph

4892 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alexander Kindyakov
8687d8b4fa Fix up logged_in_users table integration test for windows: column pid could be -1 
Reviewed By: guliashvili

Differential Revision: D13398134

fbshipit-source-id: 39371da1c7669325eb73859859ae22b309a982d1
 2018-12-11 03:31:18 -08:00
Alexander Kindyakov
43e25c5e35 Fix up interface_details table integration test for windows: some colums could be empty on windows 
Reviewed By: guliashvili

Differential Revision: D13398135

fbshipit-source-id: d662567e19dce9d1703c86496cd7b51b38953d71
 2018-12-11 03:31:17 -08:00
Alexander Kindyakov
e8354cd9ca Fix up hash table integration test for windows: ssdeep is posix specific column 
Reviewed By: guliashvili

Differential Revision: D13398133

fbshipit-source-id: e873724e4954951924180ebe4dfa05a7a9487f96
 2018-12-11 03:31:17 -08:00
Alexander Kindyakov
00b9084397 Sort a bit out tables integration tests by target platforms 
Summary: accordint to osquery/specs/BUCK platform specification

Reviewed By: guliashvili

Differential Revision: D13398140

fbshipit-source-id: 64c44c33c39920f33c4647646f66b48e707ef5b4
 2018-12-11 03:31:17 -08:00
George Guliashvili
c58f69bba2 fix macos test 
Summary: mac address can be incomplete, lets add it in the verifier.

Reviewed By: fmanco

Differential Revision: D13377450

fbshipit-source-id: 057549d058f292fac7969adb242da2e313922c53
 2018-12-11 03:31:17 -08:00
George Guliashvili
3775b82cdb auditprocess_file_events_tests buckify 
Summary: auditprocess_file_events_tests buckify

Reviewed By: fmanco

Differential Revision: D13377453

fbshipit-source-id: 819d56b42eb55aefcb403003f0ad6fc46b481bf0
 2018-12-11 03:31:17 -08:00
George Guliashvili
4704892aca fix operator= 
Summary: operator= should be returning value.

Reviewed By: fmanco

Differential Revision: D13377348

fbshipit-source-id: e3a5e0adf9a79bf6e76795423c9b88cd425c02f3
 2018-12-11 03:31:17 -08:00
George Guliashvili
e28335998a events_database_tests buckify 
Summary: events_database_tests buckify

Reviewed By: akindyakov

Differential Revision: D13377334

fbshipit-source-id: c347f05e66af2c0777857352b591b8dad83e7317
 2018-12-11 03:31:17 -08:00
Alexander Kindyakov
3a0683f049 Switch off osquery/remote tests for windows 
Summary: Switch off osquery/remote tests for windows, it takes time to fix it. I'll do it later.

Reviewed By: fmanco

Differential Revision: D13378357

fbshipit-source-id: 21077630864fc4a27ba65078c634e115875f3970
 2018-12-11 03:31:17 -08:00
Alexander Kindyakov
dcf27a5956 Fix up config/tests:test_config_update for windows 
Summary: It turns out we already fixed that old issue

Reviewed By: guliashvili

Differential Revision: D13376876

fbshipit-source-id: a7822a1c79aa180e40f7ce54faa7c811b0d1b24b
 2018-12-11 03:31:17 -08:00
Alexander Kindyakov
f60d2100de fix up extenstions tests on windows 
Summary: Windows named pipe requires a bit different name format in compare to posix platforms.

Reviewed By: guliashvili

Differential Revision: D13376805

fbshipit-source-id: 443c8f963863adbacd1edb76945919f00a1a2e4e
 2018-12-11 03:31:17 -08:00
George Guliashvili
971bee4441 Move build system to BUCK 
fbshipit-source-id: 8ffef5e6a393ac67ce56dcb74845402e43d964a0
 2018-12-07 16:12:35 +00:00
Alexander Kindyakov
29df1efe00 CarbonBlack table have to assume any key in sensor settings file could be missing 
Fix up failing tests with exception 'No such node (CB.SensorBackendServer)' thrown in the test body
 2018-12-07 16:02:09 +00:00
Alexander Kindyakov
e3037331d4 Fix up bug in NonNegativeInt and NonNegativeOrErrorInt table column data validator 2018-12-07 16:01:38 +00:00
George Guliashvili
a31d7582f4 Fix rocksdb crash 
Configuration of OptimizeForSmallDb was crashing osquery. To be more specific ColumnFamilyOptions::OptimizeForSmallDb part was doing it.
 2018-12-07 16:00:46 +00:00
George Guliashvili
a32ed7c45d Fix random port problem 
random port was not really random. Seed was never set so it was generating the same port.
 2018-12-07 16:00:46 +00:00
Marek Cirkos
6a64e353e9 Refactor battery table and return some information even if advanced information is missing 2018-12-07 16:00:46 +00:00
Filipe Manco
bf4c0a3117 Move iptables querying to a C based proxy 
The iptables uapi kernel headers are incompatible with C++. To avoid
depending on modified kernel headers query iptables from a C based
proxy. This is a temporary solution until the problem is fixed on
upstream Linux.
 2018-12-07 16:00:36 +00:00
packetzero
5188ce5288 update aws-sdk-cpp 1.4.55 on windows (#5255) 2018-10-29 21:24:29 +00:00
Nick Anderson
0314871908
bug: explicitly set safe permissions on osquery dbs (#5229) 2018-09-18 22:51:29 -07:00
Michael McGrew
e6302379fd Add per process performance data to windows processes table (#5224) 2018-09-18 20:59:35 -07:00
James Jerger
b8d7243aa9 Add InstallDate to os_version for Windows (#5226) 2018-09-14 16:07:37 -07:00
Giorgi Guliashvili
7bac8cb7f6
remove old boost bug supprot (#5221) 2018-09-14 23:51:44 +01:00
Nick Anderson
bf93fcf2f9
database: changing default path of the database for pathing uniformity (#4832) 2018-09-14 11:36:24 -07:00
James Jerger
e10b243ecf Add NTDomain Table for Windows (#5152) 2018-09-14 11:25:49 -07:00
Max Kareta
61d415c6bc
added database migration class (#5112) 2018-09-14 20:58:03 +03:00
Adrien Schildknecht
bdf504f6b6 tables: netmask should be an integer (#5217) 2018-09-14 16:13:37 +01:00
Alessandro Gario
52805dca44 chrome_extensions: Use the translation dictionary with case insensitive keys (#5215) 2018-09-14 16:06:31 +01:00
Giorgi Guliashvili
53a48d8fb4
posix profiling (#5187) 2018-09-14 16:04:28 +01:00
Giorgi Guliashvili
70806ae4fc
numeric_monitoring recursive sync record (#5204) 2018-09-14 12:17:24 +01:00
Alexander
dcd653ce33
Create helper functions to get CPU cores info on linux (#5209) 
Helper functions to get CPU cores info exposed via sysfs on linux.
I need this information to use kprobes in osquery on linux.
 2018-09-14 11:32:25 +01:00
Alexander
8ab08ed6c0
Prepare the filesystem directories in initialisation routine (#5207) 
Create directory for the database only if database is switched on and do not fail on unsuccessful creation, just write down a message to log.
 2018-09-14 11:19:07 +01:00
Alexander
9b3e14789b
Non throwing directory creation function. (#5206) 
Directory creation function to osquery/filesystem.h

Status was used as a return value, as far as all function in this file operate with Status not Expected. Let's move from Status to Expected in another PR.
 2018-09-12 11:48:11 +01:00
Alessandro Gario
e2f1a11d75 Add a 'permission' field to the chrome_extensions table (#5193) 2018-09-12 01:03:36 +01:00
Giorgi Guliashvili
9bfd3f4a2d boost throwing is_directory bug (#5208) 2018-09-11 16:54:37 -07:00
yying
6e9f23a0e2 Add ReleaseDate to table for platform_info queries on Windows (#5182) 2018-09-10 17:05:44 -07:00
Adrien Schildknecht
0b686c4834 Add interface_ipv6 table (#4903) 2018-09-10 05:50:03 +02:00
Adrien Schildknecht
07961f314c [Table sanity check] routes & arp_cache (#5189) 2018-09-10 05:47:52 +02:00
Alexander
2ddd10b3df
Remove the rest of the safeStrto* function from conversion.h (#5190) 
Remove the rest of the safeStrto* function from conversion.h
Used tryTo<> from PR #4676 instead
 2018-09-07 15:48:15 +01:00
Giorgi Guliashvili
7611adb1f6
vagrant configure vmware_desktop (#5179) 2018-09-07 15:40:25 +01:00
Alexander
b44110aaaa
Expected::takeOr have to accept rvalue as an argument (#5191) 
Fix up checking the type for argument in template definition.
Fixes: #5190
 2018-09-07 14:59:10 +01:00
Giorgi Guliashvili
ceb3e6896d
dispatcher static destructor (#5192) 2018-09-07 14:47:46 +01:00
ThorodanBrom
805d53e44a Update process-auditing.md (#5188) 2018-09-07 13:04:49 +01:00
Alexander
0f0440fa61
Removing potentially risky method getOr(T const&) from Expected (#5174) 
Too dangerous, because it is so easy to create a dangling reference (to local object for instance) with it.

It was discussed in terms of PR #4833
 2018-09-07 11:49:47 +01:00
ThorodanBrom
3229743460 Small doc fixes (#5186) 2018-09-06 19:42:11 +01:00
Dmitry Shevchenko
b485aae9a7 Changing the active code page to United States code (#5181) 2018-09-06 08:49:32 -07:00
Allan Liu
5457ef0ea9 tables: add pci_class_id and pci_subclass_id to pci_devices (#5183) 2018-09-06 01:05:11 +01:00
Julien
258f728f41 deploy: add osquery.man to wix config for New-MsiPackage - #5067 (#5105) 2018-09-05 14:06:21 -07:00
Giorgi Guliashvili
baa7b88b2d
provision libsmartctl only for linux/darwin (#5180) 2018-09-05 20:20:42 +01:00
Allan Liu
37ae0ef4d5 tables: augment pci_devices table on linux with pci_subclass (#5175) 2018-09-05 20:20:27 +01:00