valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 10:23:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,143 Commits 2 Branches 109 Tags 25 MiB
d6e20279d8
Commit Graph

3143 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
mike@arpaia.co
ebc746eef2 0.0.1 Release 2014-09-02 18:40:51 -07:00
mike@arpaia.co
c26d5d83b3 Updating OS X post-install package script 2014-09-02 18:38:03 -07:00
mike@arpaia.co
8d0dfbda5f updating cleaning of machine artifacts 2014-09-02 15:37:43 -07:00
Mike Arpaia
a06a20cc64 Merge pull request #94 from facebook/results_serializer_perf 
Fix performance issue with the disk serializer
 2014-09-02 15:31:59 -07:00
mike@arpaia.co
66a2a6fdec Fix performance issue with the disk serializer 
This is the issue noted in #76. Keeping all historical results of
queries in the HistoricalQueryResults struct makes serializing and
deserializing those structs very, very slow as time goes on. By only
storing the last execution of the query, we keep the performance
constant, but we kill the feature where osquery can rebuild timelines
without accessing logs. After talking it over, we decided that this
isn't actually that big of a deal because, if you really wanted to
rebuild the old data, you should be able to process the logs, similarly
to bin log replication in MySQL.
 2014-09-02 13:13:12 -07:00
mike@arpaia.co
debdb56616 Close #79 
The leak is a FP. Ran it through some other memory analysis tools.
Valgrind has historically has a hard time sorting out leaks vs ARC.
 2014-09-02 12:45:50 -07:00
mike@arpaia.co
769613e56d Fixing #80 
This isn't a leak, just a potential bug in the implementation of this
function.
 2014-09-02 12:30:52 -07:00
mike@arpaia.co
2b08ba60e3 Fixing #67 
Escaping spaces in the Program field of the launchd table since it
represents a path
 2014-09-02 12:22:12 -07:00
mike@arpaia.co
c6b7c04626 Fixing #65 
The column name was misspelled in the table spec, causing the column to
look blank.
 2014-09-02 12:15:45 -07:00
Mike Arpaia
59ea9adffc Merge pull request #93 from facebook/ctest 
Migrating project to use CMake's CTest to run unit tests
 2014-09-02 11:14:31 -07:00
mike@arpaia.co
63070a0d49 migrating project to use CMake's CTest to run unit tests 2014-09-02 11:14:21 -07:00
Mike Arpaia
58cdaa188f Merge pull request #92 from facebook/make-deps-brew-error 
Fixing an error with brew install. See #90 for more info.
 2014-09-02 10:34:17 -07:00
Aaron Miller
24cda21402 Fixing an error with brew install. See #90 for more info. 2014-09-02 10:10:44 -07:00
Mike Arpaia
03295ff877 Merge pull request #91 from facebook/cmake-shuffle 
Moving osquery cmake code into the source tree.
 2014-09-02 01:03:08 -07:00
mike@arpaia.co
b1291879f1 Moving osquery cmake code into the source tree. 
I like the pattern of the root CMakeLists.txt being the parent file
which sets global parameters and the children doing their level of
compilation.

I also updated the OS X pkg creator.
 2014-09-02 01:00:58 -07:00
Mike Arpaia
be67dfcb8d Merge pull request #88 from facebook/ca_certs_rename 
renaming the cacerts table to ca_certs
 2014-09-01 18:47:42 -07:00
mike@arpaia.co
6498f45924 renaming the cacerts table to ca_certs 2014-09-01 18:46:16 -07:00
Mike Arpaia
8332e3577f Merge pull request #87 from facebook/nvram_memleak 
[vtable_nvram] Fixing type description memory leak, and re-org
 2014-09-01 18:40:27 -07:00
Teddy Reed
c653e0b1be [vtable_nvram] Fixing type description memory leak, and re-org 2014-09-01 18:32:49 -07:00
Mike Arpaia
d27f6163b4 Merge pull request #86 from facebook/glog-results 
more robust filesystem logging
 2014-09-01 18:16:04 -07:00
mike@arpaia.co
e673b7a127 more robust filesystem logging 2014-09-01 18:15:17 -07:00
Mike Arpaia
e5f4d5f64b Merge pull request #83 from facebook/glog-to-file 
Log files to disk close #78
 2014-09-01 17:15:59 -07:00
mike@arpaia.co
303e73e9ba Log files to disk close #78 2014-09-01 17:13:04 -07:00
Mike Arpaia
5e14f8da66 Merge pull request #82 from facebook/run-iterations 
adding an 'iterations' flag to the run tool to look at memory usage trends
 2014-09-01 14:08:20 -07:00
mike@arpaia.co
376d1779db adding an 'iterations' flag to the run tool to look at memory usage trends 2014-09-01 14:07:53 -07:00
Mike Arpaia
ffaa763209 Update registry.h 2014-08-30 15:03:31 -07:00
Mike Arpaia
8cff961173 Update registry.h 2014-08-30 15:03:06 -07:00
mike@arpaia.co
468f88645d more sane comments in registry.h 2014-08-30 15:02:43 -07:00
mike@arpaia.co
8649951fab minimum possible linkages 2014-08-30 14:29:45 -07:00
mike@arpaia.co
f174c4dbd0 enabling unit tests for tables 2014-08-30 14:26:24 -07:00
mike@arpaia.co
2e5810ae9a proper ordering in tables/CMakeLists.txt 2014-08-30 04:28:49 -07:00
mike@arpaia.co
f5402d5035 query time count is a ulong not a long 2014-08-30 04:26:40 -07:00
mike@arpaia.co
56d9e8cb15 readme instructions for development 2014-08-30 04:23:40 -07:00
Mike Arpaia
461fb83982 Update com.facebook.osqueryd.plist 2014-08-30 04:19:46 -07:00
mike@arpaia.co
47bfe57272 clang-format 2014-08-30 04:06:31 -07:00
Mike Arpaia
6b06f37f54 Update README.md 2014-08-30 04:04:02 -07:00
mike@arpaia.co
02db7ee3a9 memory leak detection instructions 2014-08-30 04:03:09 -07:00
Mike Arpaia
d3bcee8f6f Merge pull request #64 from facebook/launchdaemon 
Productionalizing
 2014-08-30 03:59:01 -07:00
mike@arpaia.co
f28d4ae6a1 adding a useful example query to the config 2014-08-30 03:58:15 -07:00
mike@arpaia.co
8d2f5b07d8 changing ProgramArguments to Program because default options are sufficient 2014-08-30 03:56:51 -07:00
mike@arpaia.co
f1e3b7443d more verbose logging by default 2014-08-30 03:55:26 -07:00
mike@arpaia.co
b7f9ecc6e1 add an extra char for the \0 2014-08-30 03:53:32 -07:00
mike@arpaia.co
1cbb2df5ce cross platform improvements to the makefile 2014-08-30 03:51:50 -07:00
mike@arpaia.co
d2b96401a4 was closing the db in the middle of the loop instead of after it, causing subsequent queries to fail 2014-08-30 03:49:49 -07:00
mike@arpaia.co
b1f86466e0 alphabetizing the order of sources in the tables cmake file 2014-08-30 03:46:08 -07:00
mike@arpaia.co
5b904cca26 moving the table_sources blob down to just above where it's used 2014-08-30 03:43:02 -07:00
mike@arpaia.co
700a779b94 cleaning up the root CMakeLists.txt 2014-08-30 03:40:26 -07:00
mike@arpaia.co
dd909ed39d breaking out the implementation of os x specific virtual tables into their own cmake library 2014-08-30 03:24:35 -07:00
mike@arpaia.co
3b05ffb97d breaking out objective-c tables such that they use arc 2014-08-30 03:19:16 -07:00
mike@arpaia.co
92845146d7 re-adding all of the virtual tables that depended on performant objective-c interop 2014-08-30 03:09:04 -07:00