valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 18:33:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,980 Commits 2 Branches 109 Tags 25 MiB
d791a144c2
Commit Graph

458 Commits

Author SHA1 Message Date
Teddy Reed
d791a144c2 tables: Add exception handling within constraints matching (#3792) 2017-10-05 20:46:56 -07:00
Teddy Reed
32ca65e1fe [#3765] Drop privileges to the parent path not referred path (#3782) 2017-10-04 14:41:03 -07:00
Teddy Reed
32ec05c3c0 flags: Add helper method to get an Int32 flag value (#3739) 2017-09-27 20:23:15 -07:00
Nick Anderson
4ac3f42656 [Fix #3619] Better shutdown logic for Windows service controller (#3698) 2017-09-18 14:15:09 -07:00
Nick Anderson
fa78d5db01 [Fix #3683] Setting interface id for interface_addresses (#3684) 2017-09-13 16:30:30 -07:00
Teddy Reed
450ed67422 watcher: Add more details to the utilization limits docs (#3677) 2017-09-12 21:54:49 -07:00
Teddy Reed
49bb0ecc49 process: Aesthetic changes to process and process_ops (#3678) 2017-09-10 10:58:38 -07:00
Teddy Reed
061dfeecb2 tests: Improve permissions tests as root (#3665) 2017-09-08 04:08:57 -04:00
Seshu Pasam
6fab8b6083 logging: adding "counter" to differentiate initial results (#3651) 
When setting up alerts for differential logs data you might want to skip the
initial added records. counter can be used to identify if the added records
are all records from initial query of if they are new records. For initial
query results that includes all records counter will be "0". For subsequent
query executions counter will be incremented by 1. When epoch changes, counter
will be reset back to "0".
 2017-09-07 15:01:15 -07:00
Teddy Reed
205da3c698 rocksdb: Implement a 'backup' and recover feature for RocksDB (#3635) 2017-09-01 22:31:03 -07:00
Nick Anderson
2a317ce17f worker: shutdown safely on Windows only if not worker (#3628) 2017-08-30 08:45:56 -07:00
Teddy Reed
f29de27649 Combine osqueryi and osqueryd into single binary (#2742) 2017-08-27 11:09:25 -07:00
Teddy Reed
e4bbf06074 codemod: Refactor query functions out of database (#3615) 2017-08-26 18:36:06 -07:00
Teddy Reed
cf170c4278 cleanup: Move query out of database header (#3576) 2017-08-20 02:44:38 -07:00
Nick Anderson
5172580ac8 bug: Processes name correctly displays uid for domain users (#3574) 2017-08-18 21:51:39 -07:00
Vishwa Shah
c54c6e6c0e corrected size in block_devices on darwin, linux (#3539) 2017-08-07 19:21:18 -07:00
Mitchell Grenier
8a963e8d40 [Distributed] Moving to RapidJSON (#3265) 2017-08-07 16:34:44 -07:00
Seshu Pasam
9dc69ee282 Minor static analysis fixes. (#3529) 2017-08-04 18:22:10 -07:00
Teddy Reed
30aae77259 extensions: Call wait on all extensions before respawning (#3516) 2017-08-01 15:16:22 -07:00
Teddy Reed
295acfcf3d worker: Do not ignore SIGCHLD to exit faster (#3487) 2017-07-24 08:48:06 -07:00
Teddy Reed
30a9f23cb0 tsan: Fix watcher and posix utils tsan findings (#3489) 2017-07-24 07:19:31 -07:00
Nick Anderson
de0c0c0663 Updating windows system_info to return fqdn for hostname (#3470) 2017-07-21 11:22:07 -07:00
Nick Anderson
dfbcd50737 windows: Adding osqueryi and osqueryd integration tests (#3479) 2017-07-21 11:20:56 -07:00
Nick Anderson
891a6fb17a windows: Fixing watcher respawn logic for killed worker processes (#3475) 2017-07-21 11:10:06 -07:00
Teddy Reed
a9799a9426 Allow caching for tables with indexes and additionals (#3472) 2017-07-18 00:08:38 -07:00
Teddy Reed
1e9feba506 pidfile: Update pidfile to /var/run on Linux and fbsd (#3457) 2017-07-07 17:57:31 -07:00
Teddy Reed
89ee28dcc4 watchdog: Fix disabled database and logging when watchdog is not used (#3448) 2017-06-28 23:24:18 -07:00
Nicolas Bigaouette
23194c732d Replace hardcoded paths throughout code base (#3387) 2017-06-15 19:31:52 -07:00
Nick Anderson
cffa9cb7a3 Changing init verbosity to honor verbose flag (#3406) 2017-06-14 21:08:33 -07:00
Teddy Reed
f8f5718297 watcher: Do not initialize the config in watcher (#3403) 2017-06-13 17:26:34 -07:00
Nick Anderson
4aa4a983fc Triaging windows auto load extensions; (#3384) 2017-06-09 10:35:40 -07:00
Teddy Reed
8ad086098c watcher: Add initial watchdog delay (#3360) 2017-06-08 18:03:30 +01:00
Mitchell Grenier
f9cb7149a9 [Tidy] Fix syscall deprecation on macOS (#3354) 2017-05-30 17:08:20 -07:00
Teddy Reed
7844a8ea1b nits: Use char-overload for find (#3363) 2017-05-29 23:13:10 -07:00
Teddy Reed
70f30b99d8 watcher: Rename instance to get for consistency (#3359) 2017-05-29 17:16:19 -07:00
Teddy Reed
b38a62be8b config: Rename getInstance to get for consistency (#3350) 2017-05-28 23:04:53 -07:00
Teddy Reed
854b38519f extensions: Clear signals in autoload thread (#3345) 2017-05-28 17:42:43 -07:00
Mitchell Grenier
40056d3d25 Addressing a few nits for carver and system (#3339) 2017-05-26 23:55:51 -07:00
Mitchell Grenier
600a5d017a Add an sql function for carving paths (#3317) 2017-05-26 11:19:43 -07:00
Teddy Reed
775a4cdcce flags: Allow custom flags in configuration (#3301) 2017-05-25 21:29:31 -07:00
Mitchell Grenier
21395f7cb5 Add base64 encode and decoding functions (#3312) 2017-05-24 09:38:10 -07:00
Teddy Reed
b427310241 deps: Rebuild the world, static and hidden (#3299) 2017-05-21 10:59:19 -07:00
Teddy Reed
127737bf0c darwin: Fix FreeBSD genapi, ASL warnings (#3280) 2017-05-12 16:38:16 -07:00
Nick Anderson
95d916e24b [Fix #3268] extensions autoload now correctly spawns extension processes (#3269) 2017-05-11 16:51:48 -07:00
Teddy Reed
bc13431394 freebsd: Fix tests and additional_tests (process, config) (#3239) 2017-04-29 19:53:53 -07:00
Teddy Reed
65ef94f053 logger: Fixes to allow plugins access to hostIDs (#3197) 2017-04-22 18:24:25 -07:00
Grigoriy Chudnov
e3a2445480 Add database init retry (#3179) 2017-04-21 15:32:40 -07:00
Mitchell Grenier
8474cf640b Drop permissions properly on Linux (#3187) 2017-04-20 19:02:09 -07:00
Nick Anderson
13524f8833 Adding file carving feature to osquery (#3038) 2017-04-20 19:00:26 -07:00
tpott
17ab40db51 Add specified identifier via GFlags (#3165) 2017-04-18 22:30:55 -07:00