valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 02:18:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,571 Commits 2 Branches 109 Tags 25 MiB
da0ce578da
Commit Graph

297 Commits

Author SHA1 Message Date
Teddy Reed
a4e236e16a Simpler OSX package building 2015-01-07 20:01:33 -08:00
Teddy Reed
2ad15763e2 Provide example config, improve pid check 2015-01-07 15:22:50 -08:00
Teddy Reed
182cdb713e Small fix for a make jobserver race in gentable 2015-01-05 18:11:10 -08:00
Norm MacLennan
a6b769b6f4 a table to show apt package sources 2015-01-04 19:44:45 -05:00
Teddy Reed
51425c898a Remove brew-dependent pkg build 2015-01-03 22:51:09 -08:00
Teddy Reed
2cef8d6f9f Merge pull request #564 from maclennann/deb_packages 
deb_packages table
 2015-01-02 11:15:56 -08:00
Teddy Reed
9b0adcc47f [Fix #560] Improve config tests 2015-01-01 22:05:03 -08:00
Norm MacLennan
dd4a9d9d74 merging cmake changes for distro-specific tables 2014-12-31 13:06:54 -05:00
Teddy Reed
914ae37a72 Move CMakeLibs and valgrind supp file 2014-12-31 08:32:23 -08:00
Norm MacLennan
beff9471f8 resolve merge conflict with upstream 2014-12-30 18:21:00 -05:00
Norm MacLennan
0191f1de29 resurrect the deb_packages table 2014-12-30 17:24:49 -05:00
Teddy Reed
94811f3ee8 Removed 'core' tables as a build dependency 2014-12-25 12:46:59 -08:00
Teddy Reed
e4b60e883a Variable amalgamation output filename 2014-12-23 21:53:59 -07:00
Theodore M. Reed
b2be1fa383 Whole link tests and refactor flags_test 2014-12-23 20:38:16 -08:00
Teddy Reed
b2dca55539 Build leaner libosquery, allow control over spec/impl 2014-12-23 20:07:12 -08:00
Theodore M. Reed
53d683a3b3 Remove tables dependency from CMake build 2014-12-23 14:37:07 -08:00
mike@arpaia.co
b9f732c31f Updating the license comment to be the correct open source header 
As per t5494224, all of the license headers in osquery needed to be updated
to reflect the correct open source header style.
 2014-12-18 10:52:55 -08:00
Teddy Reed
fefe6de824 OSX XProtect siganture DB as virtual table 2014-12-16 21:35:26 -08:00
Teddy Reed
a75fa3bf11 Merge pull request #538 from theopolis/improve_usb 
Improve usb_devices on OSX
 2014-12-10 19:51:08 -08:00
Teddy Reed
4644c5e19b Simple usb_devices updates 2014-12-10 01:52:02 -08:00
Teddy Reed
0b5083bd0e Improve usb_devices on OSX 2014-12-10 01:17:24 -08:00
Teddy Reed
5b029c96ec Using osquery as the app ID 2014-12-09 17:37:58 -08:00
Teddy Reed
2fae6c0d7c Link the brew dependencies statically on OSX 2014-12-09 13:40:53 -08:00
Teddy Reed
96d68ce98a Clean before building CI 2014-12-08 15:22:17 -08:00
Teddy Reed
f3ab333cf1 Add -s flag to OSX package script 2014-12-04 09:33:04 -08:00
Teddy Reed
ebd77d47c4 Amalgamate generated tables 2014-12-03 02:02:11 -08:00
Teddy Reed
343cdf8405 Organize /tools 2014-12-02 21:16:24 -08:00
Teddy Reed
3ac9c3be09 Verbose option for profile 2014-12-02 12:19:17 -08:00
Teddy Reed
cb4d8e2769 Add regress/compare to profile 2014-11-30 12:18:31 -08:00
Teddy Reed
3fb6e8583c [Fix #503] Check for zombie psutil 2014-11-30 00:55:17 -08:00
Teddy Reed
38bc5542b3 Towards a more universal darwin package 2014-11-22 17:42:02 -08:00
Javier Marcos
00d1d8f563 Avoiding unnecessary download of cmake in Ubuntu, removing Travis support and adding new dependency in osx needed to build a package 2014-11-21 15:33:47 -08:00
Teddy Reed
44181b7aeb Add basic support for unsigned long long int 2014-11-21 10:32:56 -08:00
Javier Marcos
2ca0e44d5c Comment to test PR builds, again 2014-11-19 16:33:33 -08:00
Javier Marcos
a190b41720 Comment to test PR builds 2014-11-19 16:23:25 -08:00
Javier Marcos
0dabad43af Merge pull request #471 from facebook/apt_get_update_errors 
Fix problem with apt-get update and hash mismatch
 2014-11-19 13:08:03 -08:00
Javier Marcos
e585fffacb Fix problem with apt-get update and hash mismatch 2014-11-19 12:59:40 -08:00
Mike Arpaia
ac70916719 Merge pull request #434 from lwhsu/freebsd-build 
FreeBSD support of build infrastructure
 2014-11-19 09:23:17 -08:00
Li-Wen Hsu
babb13240d Install build dependencies and fix checksum command for FreeBSD 2014-11-19 17:58:31 +08:00
mike@arpaia.co
7c1bf8457f new no-launchd option 2014-11-18 12:54:05 -08:00
Li-Wen Hsu
6c55b51c53 Merge branch 'master' into freebsd-build 
Conflicts:
	osquery/core/system.cpp
	tools/provision.sh
 2014-11-19 01:50:38 +08:00
Teddy Reed
8fd957dd65 Add throttle to LD plist 2014-11-17 19:35:37 -07:00
Javier Marcos
0c59fc9d9f Support of osx 10.8 broke the other builds with the -E parameter 2014-11-17 15:48:27 -08:00
Teddy Reed
1116d6a928 Merge pull request #438 from theopolis/feature-arp-table 
arp_cache vtable for OSX and Linux
 2014-11-17 11:36:46 -08:00
Teddy
968f8027e6 Cleaner arp_table->arp_cache on Linux/OSX 2014-11-17 02:37:15 -08:00
Javier Marcos
5db8dcbae6 Fixes building in CentOS, sudo was missing from some commands 2014-11-16 22:46:12 -08:00
Teddy Reed
d50d1cf3a7 Faster build on Ubuntu 2014-11-16 19:49:41 -08:00
Li-Wen Hsu
15335695a1 Use uname -r for better backward compatibility 2014-11-17 04:28:55 +08:00
mike@arpaia.co
2e49debd70 Customizable LaunchDaemon via a command-line flag 
This is in response to #411. Allowing you to specify arguments on the
command-line has more edge-cases than I'd prefer, so I think this is a
bit more of a sustainable solution, especially given that you're already
supplying the tool with a path to your config file (now you can just
track one additional file).
 2014-11-16 11:07:52 -08:00
Li-Wen Hsu
d4fc9b405a Use uname -s to determine non-Linux platform 2014-11-16 01:41:50 +08:00
Li-Wen Hsu
cf2e376744 $DISTRO will be used for C macro, truncate unnecessary part 2014-11-16 01:41:50 +08:00
Li-Wen Hsu
76fa17e19c Let provision script know FreeBSD 2014-11-16 01:41:40 +08:00
Teddy Reed
816faec3db Merge pull request #429 from cdown/llvm_license 
Add missing LLVM license referenced in git-clang-format.py
 2014-11-14 18:46:22 -08:00
Chris Down
8082313cce Revert removal of unused symbols in genapi per @theopolis' comment: 
At https://github.com/cdown/osquery/commit/2a93de#commitcomment-8583208:
> Although the removed symbols aren't referenced in this script they are
> used in the spec evaluation.
 2014-11-15 01:39:29 +00:00
Chris Down
2a93def805 Add PEP8 and general lint conformance to in-house scripts 
My intent in this diff was mostly style linting, so I disabled
non-stylistic pylint linters that fired in the interests of making this
a sane diff with one purpose: stylistic consistency and conformance. If
I disabled them it means they were thrown somewhere and should probably
be looked into some time :-)

This diff adds:
- PEP8 conformance (tested with pep8)
- A cleanup of stuff shown by `pylint`, with quite a few linters
  disabled. See above for rationale to disable these -- in the end this
  was mostly unused variables, unused imports, etc). These are the
  linters I disabled:
  - attribute-defined-outside-init
  - bad-classmethod-argument
  - bare-except
  - broad-except
  - exec-used
  - invalid-name
  - logging-not-lazy
  - method-hidden
  - missing-docstring
  - redefined-outer-name
  - too-few-public-methods
  - too-many-instance-attributes
  - too-many-locals
  - unused-argument
- flake8 warnings fixed (warnings were about redefinition of previous
  variables in a listcomp)

I didn't do anything with git-clang-format since it's from an external
project and it's possible that there may be a wish to merge it in again
later if it gets updated upstream, but you could, of course, apply this
to that script as well if you so wish. Right now it's not at all PEP8
conformant.
 2014-11-14 23:36:36 +00:00
Chris Down
3554a65885 Add missing LLVM license referenced in git-clang-format.py 2014-11-14 23:07:48 +00:00
Teddy Reed
565bce3c07 Fix unwind exception catching 2014-11-14 01:42:00 -08:00
Vincent Mauge
73d7500b8d Fix genapi to support DataType 
PR #414 (commit a5ef6a1) changed column type from string to Datatype
 2014-11-13 22:43:06 -08:00
mike@arpaia.co
b8566f557e including the formula file 2014-11-12 16:18:27 -05:00
mike@arpaia.co
019e9e25de only use most active version of a dependency 2014-11-12 16:07:31 -05:00
Teddy Reed
a5ef6a1f70 Merge pull request #414 from theopolis/feature-use-sqltypes 
Use SQLite types
 2014-11-12 11:07:50 -08:00
Teddy Reed
0d8b9d3eaa Use SQLite types 2014-11-12 11:07:24 -08:00
mike@arpaia.co
adb8bf7602 Merge branch 'master' of github.com:facebook/osquery 2014-11-12 10:57:14 -05:00
mike@arpaia.co
600027eb52 If the symlink is broken, delete it first. 2014-11-12 10:56:57 -05:00
Teddy Reed
525a3b79a0 Tons of new build features 
* The OS/DISTRO are available as defines when writing tables:
  UBUNTU, UBUNTU_14_04, UBUNTU_12_04
  CENTOS, CENTOS_6_6
  DARWIN, DARWIN_10_10, DARWIN_10_9
* The table generation tooling now grabs virtual tables templates
  from ./osquery/tables/templates/<name>.cpp.in.
* The table generation tooling will detect reserved column names.
* suid_bin uses the new UBUNTU to restrict calls to root (fix #362).
 2014-11-12 00:57:47 -08:00
mike@arpaia.co
535b1a0ef0 build packages without config files 
If you want to manage your osqueryd config via some other means than
this package creation logic, just leave off the `-c` flag and it won't
include the config in your package. Then you can distribute the config
however you'd like.
 2014-11-11 17:54:22 -05:00
Teddy Reed
8e408f987e Table spec documentation examples 2014-11-11 11:26:11 -08:00
mike@arpaia.co
42b32d0bbf include the newer kernel headers. fix for #401 2014-11-11 09:28:04 -05:00
Vincent Mauge
3e9e5ffc69 Fix genapi.py to handle new blacklist mechanism 
For now we generate doc for blacklist tables.
We should report those tables with a specific flag on the html output.
 2014-11-11 00:51:13 -08:00
Teddy Reed
8b1af689db Blacklist is now on by default 2014-11-10 13:30:38 -08:00
Teddy Reed
177229ead1 Add queries_from_config to profile 2014-11-10 13:30:38 -08:00
Teddy Reed
050e942d11 Support USE_BLACKLIST=1 to remove tables from release 2014-11-10 13:30:38 -08:00
Abe Stanway
6a6dc8f997 linux-headers-generic 2014-11-10 15:02:31 -05:00
Teddy Reed
86d2ac208b Use leaks for OSX memory leak profiling 2014-11-10 11:34:17 -08:00
Teddy Reed
19aa99583e Linux processes vtable use freeproc 2014-11-10 10:12:47 -08:00
Teddy Reed
22cf9909ec [Fix #388] Check for 0 in profile tooling 2014-11-10 02:03:58 -08:00
Teddy Reed
b0ff403d3d Fixing librpm API usage leaks 2014-11-10 01:48:07 -08:00
Teddy Reed
62d6472cfe Rethinking some build improvements 2014-11-08 19:28:35 -08:00
Teddy Reed
131dca2673 [tools] Performance monitoring tooling 2014-11-06 17:37:26 -08:00
Teddy Reed
51f434f6b9 Merge pull request #366 from facebook/site_tables 
[site] Add tables API page
 2014-11-05 10:57:28 -08:00
Teddy Reed
b79f512a9a [site] Add tables API page 2014-11-05 02:19:20 -08:00
Justin Gerace
40367dc054 Ensure that libblkid-devel is installed on CentOS 2014-11-04 19:33:43 -08:00
mike@arpaia.co
8c8c26a4c2 two threads for travis 2014-11-04 02:04:39 -08:00
Teddy Reed
b9cc1e6eca Merge pull request #355 from facebook/travis 
hard coding travis threads
 2014-11-03 23:39:32 -08:00
Mike Arpaia
37734bc5a4 Merge pull request #351 from LTD-Beget/blockdev_table 
Blockdev table for linux
 2014-11-03 22:29:35 -08:00
mike@arpaia.co
c9bdd0f124 hard coding travis threads 2014-11-03 22:22:47 -08:00
Mike Arpaia
12485f4345 Merge pull request #342 from theopolis/feature-depcheck 
Adding pip, git dependencies to provision
 2014-11-03 14:23:45 -08:00
Alexander Polyakov
cfa9c99a6f Add libblkid to provision.sh 2014-11-04 01:23:24 +03:00
Zachary Wasserman
07c8671ede Use relative path from argv[0] 2014-11-03 11:24:38 -08:00
Teddy
cedbb17075 Adding pip, git dependencies to provision 2014-11-03 09:33:26 -08:00
Akshay Dixit
afd9d5e160 changed lspci to be a linux only virtual table, and added udev dependency to provisions.sh 2014-11-02 21:07:35 -07:00
Teddy Reed
422cdbb3e9 Change make format to use git-clang-format 2014-11-02 11:30:56 -08:00
Teddy Reed
bb7f8b6519 Bump, change mode on provision 2014-11-02 02:07:29 -08:00
Teddy Reed
a98c7b1252 Add rpm-devel to centos deps 2014-11-02 01:33:11 -08:00
Mike Arpaia
77d4777eed Merge pull request #262 from facebook/rpmstuff 
RPM Package Listing - In Progress
 2014-11-01 00:24:03 -07:00
Teddy Reed
eb240ac527 RPM table and more robust Linux building 2014-10-31 21:59:10 -07:00
Denis Zhdanov
8e1b499b18 No, reverting back to getconf _NPROCESSORS_ONLN 
much simplier
 2014-10-31 18:31:06 +01:00
Denis Zhdanov
0539746a9b Update provision.sh 
Hm, jenkins do not likes getconf _NPROCESSORS_ONLN
trying more complex
$([[ $(uname) = 'Darwin' ]] && sysctl -n hw.logicalcpu_max || lscpu -p | egrep -v '^#' | wc -l)
 2014-10-31 18:22:03 +01:00
Denis Zhdanov
a2863efce1 Fixing number of cores detection for boost builds 
This way of cores detection:
```bash
cat /proc/cpuinfo | grep "cpu cores" | uniq | awk '{print $NF}'
```
is cumbersome and didn't work in some cases, e.g. for VM on VirtualBox with one CPU.
It's much better to use something else, e.g.
```bash
getconf _NPROCESSORS_ONLN
```
as stated in
https://stackoverflow.com/questions/6481005/obtain-the-number-of-cpus-cores-in-linux
```nproc``` also works well but didn't compatible with MacOS X.
 2014-10-31 18:04:55 +01:00
Teddy Reed
5e15cd0b28 Fix #281, quote SOURCE_DIR for source and pip 2014-10-30 13:03:07 -07:00
Rafal Jeczalik
cf959cfc4f Install libunwind8-dev for Ubuntu 14.10 2014-10-30 10:37:32 +01:00
Teddy Reed
4ed61ff868 Merge pull request #288 from vmauge/NewLongType 
Add new long type and migrate some vtables
 2014-10-29 23:12:52 -07:00
Vincent Mauge
7876d56219 Add support for long long int/BIGINT as a column type 2014-10-29 18:36:37 -07:00
Mike Arpaia
5f88d45efb Merge pull request #275 from SimplyAhmazing/fix_brew_installation_verification_on_boxen_provisioned_macs 
Improves bash code that verifies if homebrew is installed
 2014-10-29 15:26:21 -07:00
Yannick Koechlin
594cf346a9 add parenthesis for python3 compatibility 2014-10-29 22:37:54 +01:00
Ahmed Abdalla
825a55d0fb improves bash code that verifies if homebrew is installed 2014-10-29 16:52:37 -04:00
Teddy Reed
5b2510784e Build into platform-specific build dirs 2014-10-23 14:39:15 -07:00
Javier Marcos
bf1ffb1537 Removing old code for generating virtual tables 2014-10-13 21:58:26 -07:00
Javier Marcos
e66a4d8873 Install package depending on arch and better comments 2014-10-08 23:09:02 +00:00
Javier Marcos
b01806b412 Changes to the darwin build, to enable centos support 2014-10-08 04:11:50 +00:00
Javier Marcos
5db9fa59a5 Adding support to build osquery in centos 6.5 2014-10-08 03:45:56 +00:00
mike@arpaia.co
12a60acd9b working osx package maker 2014-10-03 18:09:37 -07:00
mike@arpaia.co
4e3979bce1 install root 2014-10-03 14:51:03 -07:00
mike@arpaia.co
e9b56e5d10 removing superfluous logging 2014-10-03 14:51:03 -07:00
mike@arpaia.co
d214901d57 OS X package maker via relocating homebrew packages 2014-10-03 14:51:03 -07:00
mike@arpaia.co
134c6ee1af removing wget from os x build 2014-10-03 13:49:33 -07:00
mike@arpaia.co
7d2fae033e rocksdb from brew 2014-10-03 13:48:54 -07:00
mike@arpaia.co
44f2cc9c39 brew update 2014-10-03 13:48:31 -07:00
Mike Arpaia
1d062bb038 Merge pull request #185 from facebook/ubuntu12_precise_build_support 
Adding support to build in Ubuntu 12
 2014-10-03 12:57:25 -07:00
Javier Marcos
97d44067ee Merge branch 'ubuntu12_precise_build_support' of https://github.com/facebook/osquery into ubuntu12_precise_build_support 2014-10-03 18:59:47 +00:00
mike@arpaia.co
fd141c26bf removing flag test 2014-10-03 12:01:08 -07:00
Javier Marcos
a495fab1ca Remove support of erlang, java and python for thrift 2014-10-03 18:58:03 +00:00
Javier Marcos
d15da03c67 Support of go fails 2014-10-03 17:59:39 +00:00
Javier Marcos
53360155fd Using source to import script 2014-10-03 17:23:17 +00:00
Teddy Reed
368ab483a7 Merge pull request #184 from facebook/fsevents 
[events] Fleshing out OSX FSEvent framework
 2014-10-03 07:54:17 -07:00
Teddy Reed
69bfb92905 [events] Fleshing out OSX FSEvent framework 2014-10-02 21:30:14 -07:00
Javier Marcos
4823fa2a56 Merge branch 'ubuntu12_precise_build_support' of https://github.com/facebook/osquery into ubuntu12_precise_build_support 2014-10-03 00:49:28 +00:00
Javier Marcos
c827065c01 Fix for building thrift in Linux 2014-10-03 00:48:45 +00:00
mike@arpaia.co
1bdb60d6fc sudo make install 2014-10-02 16:46:32 -07:00
mike@arpaia.co
9e59982f70 updating provision script to be runnable as not root 2014-10-02 16:33:23 -07:00
Javier Marcos
1401a279a2 Fixed Mac broken build and added building capabilities for Linux 2014-10-02 16:30:29 -07:00
Javier Marcos
84a79855e7 Using clang to build all and refactoring using functions 2014-10-02 16:30:29 -07:00
Javier Marcos
06b35c45f0 Adding support to build in Ubuntu 12 2014-10-02 16:30:29 -07:00
Javier Marcos
692da4127b Fixed Mac broken build and added building capabilities for Linux 2014-10-02 23:25:39 +00:00
Javier Marcos
126f66bfa3 Using clang to build all and refactoring using functions 2014-10-02 22:54:55 +00:00
mike@arpaia.co
0f840d4ec4 install rocksdb from source 2014-10-02 15:24:59 -07:00
mike@arpaia.co
6d7992a6c1 installing lz4 on OS X 2014-10-02 15:11:54 -07:00
Javier Marcos
7c1afd1558 Adding support to build in Ubuntu 12 2014-10-02 17:58:56 +00:00
mike@arpaia.co
2348460ca4 Revert "Support for Ubuntu 12, precise" 
This reverts commit ed0e051eba.
 2014-10-01 23:00:23 -07:00
Javier Marcos
ed0e051eba Support for Ubuntu 12, precise 2014-10-02 01:24:23 +00:00
Teddy Reed
588f1198f3 Merge pull request #174 from facebook/passwd_changes_vtable 
[events] Events lifecycle complete, passwd_changes vtable
 2014-09-26 21:13:52 -07:00
Teddy Reed
ed338e8356 [events] Events lifecycle complete, passwd_changes vtable 2014-09-26 12:58:32 -07:00
mike@arpaia.co
82bf365c5f Add space in error message 
[skip ci]
 2014-09-25 12:25:49 -07:00
mike@arpaia.co
4cd40c7f19 central build script 2014-09-25 02:00:16 -07:00
mike@arpaia.co
70eff22898 Adding some perm updates 2014-09-25 00:27:07 -07:00
mike@arpaia.co
135dd0dbe4 TravisCI configuration 2014-09-24 18:05:33 -07:00
mike@arpaia.co
d7546de036 Relocatable build 
Making it such that osquery doesn't need to be built in the repo "build"
subdirectory. gentable.py now accepts a positional argument which
indicates the output (which is calculated by cmake) so they don't have
to agree on a destination ahead of time.
 2014-09-24 01:58:12 -07:00
mike@arpaia.co
3753189e4a improving the makefile output 2014-09-24 01:28:34 -07:00
mike@arpaia.co
71bdb9e9a4 shebang 2014-09-23 22:14:28 -07:00
mike@arpaia.co
670957ab41 git submodules into provision.sh 2014-09-23 21:22:42 -07:00