Commit Graph

65 Commits

Author SHA1 Message Date
Teddy Reed
cc31e93762 Version bump, 1.0.3 2014-10-27 12:29:51 -07:00
Teddy Reed
0a1925200e Clean flags usage in daemon/shell and dbhandle 2014-10-27 12:09:35 -07:00
Teddy Reed
6d50d762ce Changing flag infra, reducing config testing, adding debug macro 2014-10-27 10:30:02 -07:00
Teddy Reed
991cbdfb00 Fix permissions on DB handle 2014-10-27 10:05:08 -07:00
Teddy Reed
a82792b3f7 Log results as events 2014-10-24 17:05:17 -07:00
mike@arpaia.co
0033e9bd02 cleaning up some memory leak supps 2014-10-09 22:06:55 -07:00
Teddy Reed
ded0717e94 [events] Additional INotify tests 2014-10-07 12:27:25 -07:00
Teddy Reed
8213e7dcbc [events] Improve inotify 2014-10-06 14:37:44 -07:00
Teddy Reed
c553a59745 [events] Use pub/sub diction for events 2014-10-03 11:30:51 -07:00
Teddy Reed
1e36b494b4 [events] Rename MonitorContext to SubscriptionContext 2014-10-03 08:26:41 -07:00
Teddy Reed
b2474b49eb [events] Renamed EventType to EventPublisher 2014-10-03 08:14:36 -07:00
Teddy Reed
e77ae22fe2 [events] Rename EventModule to EventSubscriber 2014-10-03 08:08:06 -07:00
Teddy Reed
69bfb92905 [events] Fleshing out OSX FSEvent framework 2014-10-02 21:30:14 -07:00
mike@arpaia.co
764619c849 Adding a function to read tomcat configs from disk 2014-09-30 19:59:52 -07:00
mike@arpaia.co
c8fded9498 comments for tomcat 2014-09-30 19:54:44 -07:00
Mike Arpaia
3fb8c8a5d4 Merge pull request #183 from facebook/tomcat-users
Adding a function to parse the Tomcat users XML file
2014-09-30 19:51:54 -07:00
mike@arpaia.co
196ec880ab Adding a function to parse the Tomcat users XML file
This is a part of a bigger, better virtual table idea that @carnal0wnage
had.
2014-09-30 19:49:38 -07:00
Teddy Reed
bf8209ca90 Merge pull request #182 from facebook/events_docs
[events] Added remaining doxy comments
2014-09-30 15:00:08 -07:00
Teddy Reed
ef044c4a72 [events] Added remaining doxy comments 2014-09-30 12:50:14 -07:00
Teddy Reed
6eb9c5fd44 EventFactory, Dispatcher as singletons 2014-09-29 20:47:24 -07:00
Teddy Reed
588f1198f3 Merge pull request #174 from facebook/passwd_changes_vtable
[events] Events lifecycle complete, passwd_changes vtable
2014-09-26 21:13:52 -07:00
Teddy Reed
ed338e8356 [events] Events lifecycle complete, passwd_changes vtable 2014-09-26 12:58:32 -07:00
mike@arpaia.co
0c783ebf0a Migrating internal usage of osquery::query to osquery::SQL 2014-09-26 00:34:56 -07:00
mike@arpaia.co
7076aa813c SQL class for executing queries
implements #141
2014-09-26 00:28:18 -07:00
mike@arpaia.co
636ced854f Pretty shell results
Example:

```
osquery> select name, program || program_arguments as executable from launchd limit 5;

+----------------------------------+-------------------------------------------------------------------------------+
| name                             | executable                                                                    |
+----------------------------------+-------------------------------------------------------------------------------+
| bootps.plist                     | /usr/libexec/bootpd                                                           |
| com.apple.afpfs_afpLoad.plist    | /System/Library/Filesystems/AppleShare/afpLoad                                |
| com.apple.afpfs_checkafp.plist   | /System/Library/Filesystems/AppleShare/check_afp.app/Contents/MacOS/check_afp |
| com.apple.AirPlayXPCHelper.plist | /usr/libexec/AirPlayXPCHelper                                                 |
| com.apple.airport.wps.plist      | /usr/libexec/wps                                                              |
+----------------------------------+-------------------------------------------------------------------------------+
osquery> .tables
  => alf
  => alf_exceptions
  => alf_explicit_auths
  => alf_services
  => apps
  => ca_certs
  => etc_hosts
  => interface_addresses
  => interface_details
  => kextstat
  => last
  => launchd
  => listening_ports
  => nvram
  => osx_version
  => processes
  => routes
  => time
```
2014-09-25 21:39:07 -07:00
Teddy Reed
9220da7e3d [events] Registry integration 2014-09-24 12:43:14 -07:00
mike@arpaia.co
5f4108c503 Moving all boost smart pointers to std smart pointers 2014-09-24 10:54:59 -07:00
Teddy Reed
9a2d299424 [events] Events and registry coordination 2014-09-24 10:46:37 -07:00
Teddy Reed
94953df90e [events] Flesh out inotify eventtype 2014-09-23 13:01:03 -07:00
Teddy Reed
bb7097a255 [events] EventType threads for each run loop 2014-09-22 18:35:12 -07:00
mike@arpaia.co
ebfc47b399 Edits to https://github.com/facebook/osquery/pull/148/ 2014-09-22 14:35:59 -07:00
mike@arpaia.co
16122544f5 Reorganizing tests so that the public headers don't have to include gtest 2014-09-22 14:30:52 -07:00
Teddy Reed
9b42c060ea [events] Linux inotify event type 2014-09-22 01:47:50 -07:00
mike@arpaia.co
627821abc1 Periodic clang-format 2014-09-21 14:29:28 -07:00
mike@arpaia.co
b5ee19f49f Removing the osquery::db namespace 2014-09-21 14:27:09 -07:00
Teddy Reed
eee37034b4 [events] Intro of non-async event framework 2014-09-18 15:05:41 -07:00
mike@arpaia.co
f06a4ba52e cleaning up the plugin interfaces 2014-09-16 01:34:39 -07:00
mike@arpaia.co
5998dbd1c5 clang-format 2014-09-16 00:36:49 -07:00
mike@arpaia.co
d9edc81041 Updating the format of doxygen comment blocks 2014-09-16 00:28:23 -07:00
mike@arpaia.co
b36b5c8f29 fixing documentation error 2014-09-15 23:26:22 -07:00
mike@arpaia.co
0eab76a20c refactored aggregateQuery to query 2014-09-15 23:07:03 -07:00
mike@arpaia.co
9147eb541f fixing up some misdocumented parameters 2014-09-15 18:54:18 -07:00
mike@arpaia.co
011d38a767 moving namespace documentation into the doxygen directory 2014-09-15 18:53:04 -07:00
mike@arpaia.co
441ca7bb36 better namespace documentation 2014-09-15 18:11:49 -07:00
mike@arpaia.co
019efb923a namespace documentation 2014-09-15 17:24:29 -07:00
mike@arpaia.co
4a048db278 database namespace documentation 2014-09-15 17:13:22 -07:00
mike@arpaia.co
8d1714841a plugin docs 2014-09-15 14:37:57 -07:00
mike@arpaia.co
e295630d32 Accidental comment 2014-09-15 13:37:20 -07:00
mike@arpaia.co
6f940fb827 Status docs 2014-09-15 13:23:28 -07:00
mike@arpaia.co
6985d4bfa5 scheduler documentation 2014-09-15 13:11:39 -07:00