Rohit Varkey Thankachan
|
081ea9e76d
|
Virtual memory statistics for darwin (#3368)
|
2017-05-31 12:00:44 -07:00 |
|
Teddy Reed
|
eb4536dceb
|
config: Only reconfigure if content changes (#3356)
|
2017-05-30 19:22:41 -07:00 |
|
Mitchell Grenier
|
f9cb7149a9
|
[Tidy] Fix syscall deprecation on macOS (#3354)
|
2017-05-30 17:08:20 -07:00 |
|
Nick Anderson
|
c0085cc63c
|
Bumping thrift to install thrift compiler and squelch output (#3366)
|
2017-05-30 16:58:45 -07:00 |
|
Teddy Reed
|
a7162daea6
|
logger: Allow logString and logSnapshot to fast-track (#3362)
|
2017-05-29 23:49:37 -07:00 |
|
Mitchell Grenier
|
aba8f7524e
|
[Tidy] Fix all C99 warnings (#3353)
|
2017-05-29 23:31:43 -07:00 |
|
Teddy Reed
|
31eb83a1f4
|
packs: Allow posix in pack platform selection (#3364)
|
2017-05-29 23:13:59 -07:00 |
|
Teddy Reed
|
7844a8ea1b
|
nits: Use char-overload for find (#3363)
|
2017-05-29 23:13:10 -07:00 |
|
Teddy Reed
|
616172af56
|
logger: Rename BufferedLogSink instance and other nits (#3361)
|
2017-05-29 22:23:36 -07:00 |
|
Teddy Reed
|
70f30b99d8
|
watcher: Rename instance to get for consistency (#3359)
|
2017-05-29 17:16:19 -07:00 |
|
Teddy Reed
|
98505e5eb2
|
events: Sane defaults for expiration and max (#3358)
|
2017-05-29 16:10:24 -07:00 |
|
Teddy Reed
|
49ed383017
|
config: Unify the config refresh logic (#3351)
|
2017-05-29 14:09:44 -07:00 |
|
Mitchell Grenier
|
01518102aa
|
[Tidy] Fix four character literal warning (#3355)
|
2017-05-29 08:47:21 -07:00 |
|
Teddy Reed
|
8a93acfa1c
|
TSAN: Address failures and findings in LLVM 4.0 (#3343)
|
2017-05-29 02:06:57 -07:00 |
|
Teddy Reed
|
b38a62be8b
|
config: Rename getInstance to get for consistency (#3350)
|
2017-05-28 23:04:53 -07:00 |
|
Teddy Reed
|
73848c10ff
|
virtual tables: Add optional --table_delay between scans (#3349)
|
2017-05-28 22:37:38 -07:00 |
|
Teddy Reed
|
df82f8c50e
|
filesystem: Remove read_user_max flag (#3348)
|
2017-05-28 22:36:41 -07:00 |
|
Mitchell Grenier
|
fdf71643f8
|
Fix C99 array errors by moving array to the heap (#3346)
|
2017-05-28 20:46:54 -07:00 |
|
Mitchell Grenier
|
20327b32a2
|
Disallow the shadowing of local variables and fix existing shadows (#3347)
|
2017-05-28 20:44:11 -07:00 |
|
Teddy Reed
|
854b38519f
|
extensions: Clear signals in autoload thread (#3345)
|
2017-05-28 17:42:43 -07:00 |
|
Teddy Reed
|
ae4de5628e
|
Add SANITIZE_UNDEFINED for UBSAN (#3344)
|
2017-05-28 00:40:08 -07:00 |
|
Mitchell Grenier
|
40056d3d25
|
Addressing a few nits for carver and system (#3339)
|
2017-05-26 23:55:51 -07:00 |
|
lxcode
|
8b7b37bf4f
|
Add table for FreeBSD kernel modules. (#3328)
|
2017-05-26 15:10:59 -07:00 |
|
Mitchell Grenier
|
62beb1e547
|
Fix #3220 Error loading packs not verbose enough (#3333)
|
2017-05-26 14:07:50 -07:00 |
|
Mitchell Grenier
|
600a5d017a
|
Add an sql function for carving paths (#3317)
|
2017-05-26 11:19:43 -07:00 |
|
Teddy Reed
|
9ba0edb4bb
|
darwin: Improve disk_events add detection (#3332)
|
2017-05-26 10:38:26 -07:00 |
|
Mitchell Grenier
|
bf2457ffcd
|
Address YARA hardcoded home folder issue (#3331)
|
2017-05-26 00:27:02 -07:00 |
|
Mitchell Grenier
|
ce62dc53ba
|
Rename new base64 functions to be like MySQL (#3329)
|
2017-05-25 22:24:25 -07:00 |
|
Teddy Reed
|
775a4cdcce
|
flags: Allow custom flags in configuration (#3301)
|
2017-05-25 21:29:31 -07:00 |
|
Mitchell Grenier
|
ccf5977b0e
|
Conditional base64 function (#3320)
|
2017-05-25 10:58:08 -07:00 |
|
Nick Anderson
|
4ab974d7ce
|
Fixing gle warning verbosity in drivers table and resharper lints (#3325)
|
2017-05-25 09:38:36 -07:00 |
|
Dan Sedlacek
|
06652449c3
|
[windows] refactor routes to properly display metrics and mtus (#3321)
|
2017-05-25 09:30:40 -07:00 |
|
Mitchell Grenier
|
fe1418f240
|
Adding a config block to create views (#3306)
|
2017-05-24 21:03:15 -07:00 |
|
Nick Anderson
|
dd66ce2a93
|
Removing pretty printing from windows event log data (#3322)
|
2017-05-24 17:00:52 -07:00 |
|
Nick Anderson
|
5261765261
|
Adding cmake changes to support a Windows Full Debug build (#3311)
|
2017-05-24 10:04:23 -07:00 |
|
Mitchell Grenier
|
21395f7cb5
|
Add base64 encode and decoding functions (#3312)
|
2017-05-24 09:38:10 -07:00 |
|
ryanheffernan
|
05b7b80891
|
Refactor Windows interface_addresses table to use win32 API and report accurate netmasks. (#3297)
|
2017-05-23 14:58:11 -07:00 |
|
Nick Anderson
|
e9dc7b0aa5
|
Carved files no longer contain carver fs path (#3296)
|
2017-05-23 12:42:27 -07:00 |
|
Mitchell Grenier
|
e0f5de75b9
|
Fix crash caused by boost's unhandled exception (#3309)
|
2017-05-23 09:29:03 -07:00 |
|
Mitchell Grenier
|
7ddb959b0d
|
Fix an reading past the end of buffer (#3307)
|
2017-05-23 09:16:27 -07:00 |
|
Seshu Pasam
|
5f732084a2
|
kDBInitialized should be checked after acquiring lock (#3302)
|
2017-05-22 20:11:35 -07:00 |
|
Teddy Reed
|
b427310241
|
deps: Rebuild the world, static and hidden (#3299)
|
2017-05-21 10:59:19 -07:00 |
|
Teddy Reed
|
8f07e1df23
|
database: Simplify database reset logic and locking (#3298)
|
2017-05-20 00:00:27 -07:00 |
|
lxcode
|
017fc1d33c
|
FreeBSD: fix patchlevel reporting (#3291)
|
2017-05-19 10:43:41 -07:00 |
|
lxcode
|
523fa01b21
|
Fix sudoers path on FreeBSD, add fields to os_version (#3286)
|
2017-05-16 11:59:49 -07:00 |
|
Teddy Reed
|
fb287745c6
|
linux: Use lld and ThinLTO on Linux (#3284)
|
2017-05-14 14:23:50 -07:00 |
|
Teddy Reed
|
fd882396e0
|
Use ThinLTO with LTO cache on Darwin (#3282)
|
2017-05-13 15:44:40 -07:00 |
|
Teddy Reed
|
127737bf0c
|
darwin: Fix FreeBSD genapi, ASL warnings (#3280)
|
2017-05-12 16:38:16 -07:00 |
|
lxcode
|
9b803d78d7
|
FreeBSD: Fix os_version, add pkgng package table (#3278)
|
2017-05-12 14:11:01 -07:00 |
|
Teddy Reed
|
2e6947642a
|
logger: Relay status logs to the enabled log sinks (#3275)
|
2017-05-11 21:08:14 -07:00 |
|
Nick Anderson
|
9b29f71c51
|
Removing permissive builds on posix (#3277)
|
2017-05-11 18:40:26 -07:00 |
|
Nick Anderson
|
95d916e24b
|
[Fix #3268] extensions autoload now correctly spawns extension processes (#3269)
|
2017-05-11 16:51:48 -07:00 |
|
Nick Anderson
|
777801e2a4
|
Fixing permissive ref issue (#3266)
|
2017-05-11 16:47:05 -07:00 |
|
ryanheffernan
|
46f7f287d2
|
Adding deleter for unique_ptrs using mallocs (#3273)
|
2017-05-11 16:46:25 -07:00 |
|
ryanheffernan
|
c279342226
|
Allow querying Windows Registry by 'path' column (#3270)
|
2017-05-11 10:29:59 -07:00 |
|
Seshu Pasam
|
920a4b5194
|
[Fix 2956] augeas table returns no data. (#3260)
|
2017-05-11 00:00:34 -07:00 |
|
Teddy Reed
|
e8c39c5572
|
hashing: Add sha1, sha256, md5 functions (#3267)
|
2017-05-09 23:55:49 -07:00 |
|
ryanheffernan
|
b54504ef16
|
Refactoring Windows registry table to use unique_pr and return status on failure (#3228)
|
2017-05-08 10:42:44 -07:00 |
|
Dan Sedlacek
|
1413008642
|
[fix #3257] report proper routes for 0.0.0.0 (#3259)
|
2017-05-08 01:44:42 -07:00 |
|
Nick Anderson
|
8fdb0a6945
|
Adding distributed workid to carver (#3252)
|
2017-05-05 15:14:21 -07:00 |
|
Seshu Pasam
|
4cfb31452c
|
Docker support (#3241)
|
2017-05-05 09:53:12 -07:00 |
|
Nick Anderson
|
04dbbebeac
|
[Fix 3249] Addressing permissive build fail (#3250)
|
2017-05-04 23:33:32 -07:00 |
|
Teddy Reed
|
582ab52e8f
|
build: Remove SYSTEMD and _BASED logic (#3245)
|
2017-05-03 22:28:33 -07:00 |
|
lxcode
|
9482220bf0
|
Make sysctls work on FreeBSD (#3242)
|
2017-05-02 18:25:25 -07:00 |
|
Teddy Reed
|
bc13431394
|
freebsd: Fix tests and additional_tests (process, config) (#3239)
|
2017-04-29 19:53:53 -07:00 |
|
Teddy Reed
|
6496c2eef7
|
database: Remove SKIP_ROCKSDB build option (#3235)
|
2017-04-28 17:48:45 -07:00 |
|
Teddy Reed
|
4372785d5d
|
Refactor build logic to allow optional: yara, tsk, lldpd (#3226)
|
2017-04-28 13:45:41 -07:00 |
|
ryanheffernan
|
0458abc453
|
Split Startup items 'path' column into 'path' and 'args'
|
2017-04-27 23:56:08 -04:00 |
|
lxcode
|
03a9798b7e
|
FreeBSD: add functional routes.cpp, unblacklist modules (#3225)
|
2017-04-27 16:34:31 -07:00 |
|
Teddy Reed
|
e52f85f95e
|
database: Move r/w reset lock for extensions (#3219)
|
2017-04-27 00:55:02 -07:00 |
|
Robin Breathe
|
cbc34c44fe
|
Darwin: Add channel column to wifi_status and wifi_survey tables (#3221)
|
2017-04-26 14:41:24 -07:00 |
|
ryanheffernan
|
62dda71321
|
Refactor Windows Service Table to use std::unique_ptr (#3203)
|
2017-04-24 12:16:10 -07:00 |
|
Teddy Reed
|
ca8a919602
|
database: Fix TSAN-detected reset lock inversion (#3207)
|
2017-04-24 07:51:05 -07:00 |
|
Teddy Reed
|
66c177945e
|
logger: Require an open DB for status logs (#3205)
|
2017-04-23 13:16:12 -07:00 |
|
Teddy Reed
|
8b58e13733
|
rpm: Improve librpm safety (#3200)
|
2017-04-23 12:36:39 -07:00 |
|
Teddy Reed
|
65ef94f053
|
logger: Fixes to allow plugins access to hostIDs (#3197)
|
2017-04-22 18:24:25 -07:00 |
|
Teddy Reed
|
0374fde651
|
[Fix #3194] Remove qualified name from parseEvent declaration (#3198)
|
2017-04-22 18:16:20 -07:00 |
|
Gregory Heimbuecher
|
c5fd96cdf3
|
Fix #2838: Adds the event_taps table to Darwin (#3188)
|
2017-04-21 15:55:12 -07:00 |
|
Grigoriy Chudnov
|
e3a2445480
|
Add database init retry (#3179)
|
2017-04-21 15:32:40 -07:00 |
|
Teddy Reed
|
e817f3919e
|
Add hardware_disabled_types flag to control hardware_events (#3190)
|
2017-04-21 11:14:35 -07:00 |
|
Mitchell Grenier
|
d5f002d447
|
Adding a table for Time Machine Backup Destinations (#3177)
|
2017-04-20 19:15:29 -07:00 |
|
Mitchell Grenier
|
8474cf640b
|
Drop permissions properly on Linux (#3187)
|
2017-04-20 19:02:09 -07:00 |
|
Nick Anderson
|
13524f8833
|
Adding file carving feature to osquery (#3038)
|
2017-04-20 19:00:26 -07:00 |
|
Dan Sedlacek
|
13aef1fb73
|
Windows Network Routes (#3040)
|
2017-04-19 20:03:20 -07:00 |
|
Nick Anderson
|
e3ebc47498
|
Grabbing additional data fields for windows event logs (#3183)
|
2017-04-19 16:09:49 -07:00 |
|
Nick Anderson
|
6ba48afef6
|
Adding support for quote wrapped windows event channels (#3175)
|
2017-04-19 09:18:44 -07:00 |
|
tpott
|
17ab40db51
|
Add specified identifier via GFlags (#3165)
|
2017-04-18 22:30:55 -07:00 |
|
Nick Anderson
|
318dfe2d0d
|
Fixing stringToWstring crashes with wide character strings (#3170)
|
2017-04-18 09:25:30 -07:00 |
|
Nick Anderson
|
352b43a4d5
|
Adding bounds checks and key checks for appcompat shims table (#3169)
|
2017-04-16 16:14:17 -07:00 |
|
Teddy Reed
|
90078f15ea
|
events: Add hidden EID to all events tables (#3159)
|
2017-04-14 08:20:20 -07:00 |
|
Nick Anderson
|
6a90db47be
|
Adding the Windows Scheduled Tasks virtual table (#3153)
|
2017-04-13 07:53:49 -07:00 |
|
Teddy Reed
|
b3ee6c9a8d
|
tables: Fix table metadata when constraints are used (#3151)
|
2017-04-12 21:48:28 -07:00 |
|
Teddy Reed
|
649afcfff1
|
events: Use generator-tables for event subscribers (#3150)
|
2017-04-12 21:45:41 -07:00 |
|
Teddy Reed
|
c5e6db36eb
|
events: Use poll instead of select for audit and udev (#3158)
|
2017-04-12 16:10:11 -07:00 |
|
Teddy Reed
|
5fd11260ad
|
inotify: Use poll over select in inotify publisher (#3157)
|
2017-04-12 16:09:48 -07:00 |
|
Teddy Reed
|
ae4cb0ba28
|
extensions: Catch Thrift transport close exception (#3160)
|
2017-04-10 22:37:56 -07:00 |
|
Teddy Reed
|
67440ab101
|
tests: Rewrite and add filesystem tests (#3156)
|
2017-04-10 21:32:16 -07:00 |
|
yying
|
31b78cb996
|
Adding hostIdentifier, calendarTime, unixTime to status logging (#3146)
|
2017-04-10 11:56:23 -07:00 |
|
Teddy Reed
|
201fbc6707
|
extensions: Improve extensions and interface headers (#3154)
|
2017-04-10 08:59:06 -07:00 |
|
Teddy Reed
|
76fe5d748c
|
logging: Allow Glog reentrancy (#3142)
|
2017-04-06 15:57:44 -07:00 |
|