439 Commits

Author	SHA1	Message	Date
Teddy Reed	0e57003e74	packages: Use /var/osquery on OS X for home (#2976)	2017-02-07 12:22:41 -08:00
Mike Arpaia	7a019d8226	Bundle cURL PEM into packages (#2950)	2017-02-02 20:46:13 -08:00
Mike Arpaia	2ad1d8839f	Introduce two new host identifier options (#2944)	2017-01-27 17:56:50 -08:00
Teddy Reed	487f7ee59b	extensions: Select ephemeral path for shell socket (#2945)	2017-01-27 15:56:40 -08:00
Teddy Reed	58ed5cc628	Introduce scheduler reload feature (#2917)	2017-01-25 17:48:33 -08:00
lambda-conjecture	721dd1ed62	Fix column order and repeated columns in distributed query (#2926)	2017-01-20 22:52:47 -08:00
Mike Arpaia	b445d7215d	Superfluous "d" in a doc block (#2911)	2017-01-16 19:18:59 -08:00
Teddy Reed	f9599d60d0	Move Mutex to shared_timed_mutex and add ReadLock (#2915)	2017-01-15 02:16:40 -08:00
Teddy Reed	0178419085	Add a TLS config plugin test that runs the scheduler (#2898)	2017-01-10 19:52:58 -08:00
Teddy Reed	0e9733f94c	Simplify Registry and plugin concepts (#2887)	2017-01-07 12:21:35 -08:00
Jonathan Lee	383e07e5be	[Fix #2734] Remove OpenSSL link dependency for osquery core (#2750)	2016-12-22 00:37:59 -08:00
Marc LeBourdais	aa08d487c9	Keep a local reference to the process name to avoid memory corruption (#2847)	2016-12-07 20:20:17 -08:00
lambda-conjecture	cd761d1749	Fix deadlock in RocksDB log callback (#2749)	2016-12-02 23:24:08 -08:00
Teddy Reed	1b21e5173e	[Fix #2798] Update gflags on OS X/Linux to 2.2.0 (#2800)	2016-11-30 15:59:18 -08:00
Teddy Reed	555d59eff6	Remove fsuid permissions drop for OS X and Linux (#2805)	2016-11-28 22:05:08 -08:00
Teddy Reed	deed140080	[#1773] Introduce multi-pack configuration syntax (#2787)	2016-11-22 09:35:03 -08:00
Teddy Reed	6ead016cbb	[Fix #2656] Refactor events_optimize to act per-query (#2665)	2016-11-05 22:03:45 -07:00
Teddy Reed	530f2933e3	[Fix #2704] Various distributed code cleanups (#2719)	2016-11-03 23:54:55 -07:00
Teddy Reed	e775fe1ea2	[Fix #2579] Remove database_in_memory flag (#2716)	2016-11-03 09:55:10 -07:00
Teddy Reed	a3acf2a3e5	Fix Config TLS plugin default verb (#2708)	2016-11-02 17:08:44 -07:00
Teddy Reed	4c8fdf5d17	Fix UDEV publisher unit tests LSAN bug (#2693)	2016-10-30 11:15:55 -07:00
Teddy Reed	b04736631a	Add --extensions_require feature (#2672)	2016-10-24 18:13:44 -07:00
Teddy Reed	b814fd54dc	[Fix #2674] Add SQLite prepare lock to shell_exec (#2677)	2016-10-24 08:25:38 -07:00
Teddy Reed	02b21d00c3	Add dropToUser method to privileges dropper interface (#2624)	2016-10-14 15:25:54 -07:00
Nick Anderson	616d9f5953	Adding support for Windows platform_info table (#2611)	2016-10-12 09:01:32 -07:00
Teddy Reed	0b1713423c	[Fix #1690] Use INDEX options in constraint cost evaluation (#2593)	2016-10-05 15:44:21 -07:00
Zachary Wasserman	6e7c1cdf32	Fix doxygen string in core.h causing make docs to fail (#2585)	2016-10-02 16:52:44 -07:00
Nick Anderson	b69981584f	Fixing COM memory leak (#2583)	2016-10-02 12:15:17 -07:00
Teddy Reed	ff2e1a182f	Initialize VirtualTableContent attributes (#2530)	2016-09-26 23:52:25 -07:00
Teddy Reed	4d1451c9b4	Add extensions SDK incompatibility checking (#2527)	2016-09-26 17:32:41 -07:00
Teddy Reed	17b89fc182	Refactor events and remove 10/3600 indexes (#2523)	2016-09-25 22:19:31 -07:00
Teddy Reed	bcd90070ae	Remove time-override for events add API (#2508) ... This will remove the use of current time for syslog.time and introduce a new column called 'datetime'. Events now uses an "optimize_id" alongside "optimize" to prevent returning colliding events added within the same second as the previous genTable call.	2016-09-23 16:46:02 -07:00
Zachary Wasserman	9701c55d96	Add active column to osquery_packs table (#2475)	2016-09-19 13:00:11 -07:00
Mitchell Grenier	61c9da1c42	Buffer the distributed queries to RocksDB for greater reliability (#2452)	2016-09-08 15:40:14 -07:00
Teddy Reed	81d8a4aa68	Emit warnings for improper 'osquery' table usage (#2432)	2016-09-02 19:13:37 -07:00
yying	84e6a3401a	Reducing compiler warnings and fails on warn in VS (#2433)	2016-09-02 15:04:03 -07:00
Nick Anderson	7c90823a0c	Upgrade LLVM to 3.8.1 on Linux (#2436) (#2435)	2016-09-02 14:53:04 -07:00
yying	d347c847e1	Support for extensions (#2363)	2016-08-31 16:45:06 -07:00
Teddy Reed	65dd56e113	Introduce table 'attributes' (#2431)	2016-08-31 15:32:20 -07:00
Teddy Reed	0b3f6af306	Improve status logging when using multi-loggers (#2422)	2016-08-29 06:59:55 -07:00
Teddy Reed	1bff276fcf	Increase TLS client timeout from 4s to 32s (#2410)	2016-08-27 13:12:48 +01:00
yying	2f1cad864d	Support for building static osquery executable (#2398)	2016-08-22 23:27:12 +01:00
Nick Anderson	fe7b8d98f9	Adding getSystemRoot function (#2386) ... Adding a cross platform function for getting the OS root and returning it as a boost::fs::path	2016-08-18 09:32:34 -07:00
Teddy Reed	58fd284f05	Improve dispatcher tests (#2358) ... This improves dispatcher tests by allowing units to act like component tests and use embedded std::thread-based osquery APIs. A unit may force a 'service' to run by joining the Dispatcher before deconstructing.	2016-08-14 15:41:53 -07:00
Teddy Reed	9a7b930a94	[Fix #2281] Avoid ctor ambiguity in table header (#2345)	2016-08-10 20:55:18 -07:00
Teddy Reed	f3f605e26a	Introduce a PLATFORM_MASK and isPlatform (#2334) ... Along with the platform defines and platform string defines provided by CMake to the build, add a PLATFORM_MASK define. Use this define as a platform-type mask with the PlatformType enum.	2016-08-09 20:27:42 -07:00
Teddy Reed	7eab0f39bd	Fix race conditions in Linux inotify publisher (#2309) ... 1. This adds several mutexes to the inotify publisher and its tests. 2. A fix for Linux 4.1 and LLVM TSAN is applied to CMake logic.	2016-07-31 22:41:37 -07:00
Teddy Reed	e4dd78ec10	Build documentation for brew-based build (#2305)	2016-07-31 17:10:13 -07:00
yying	50487c6880	Changes to make pidfile work on Windows (#2297)	2016-07-28 16:04:34 -07:00
yying	0ef284b8e7	Changes to make osqueryd/osqueryi mostly build sans cputime/uptime tables (#2283)	2016-07-25 11:58:55 -07:00