Nick Anderson
|
9b29f71c51
|
Removing permissive builds on posix (#3277)
|
2017-05-11 18:40:26 -07:00 |
|
Nick Anderson
|
95d916e24b
|
[Fix #3268] extensions autoload now correctly spawns extension processes (#3269)
|
2017-05-11 16:51:48 -07:00 |
|
Nick Anderson
|
777801e2a4
|
Fixing permissive ref issue (#3266)
|
2017-05-11 16:47:05 -07:00 |
|
ryanheffernan
|
46f7f287d2
|
Adding deleter for unique_ptrs using mallocs (#3273)
|
2017-05-11 16:46:25 -07:00 |
|
ryanheffernan
|
c279342226
|
Allow querying Windows Registry by 'path' column (#3270)
|
2017-05-11 10:29:59 -07:00 |
|
Seshu Pasam
|
920a4b5194
|
[Fix 2956] augeas table returns no data. (#3260)
|
2017-05-11 00:00:34 -07:00 |
|
Teddy Reed
|
e8c39c5572
|
hashing: Add sha1, sha256, md5 functions (#3267)
|
2017-05-09 23:55:49 -07:00 |
|
ryanheffernan
|
b54504ef16
|
Refactoring Windows registry table to use unique_pr and return status on failure (#3228)
|
2017-05-08 10:42:44 -07:00 |
|
Dan Sedlacek
|
1413008642
|
[fix #3257] report proper routes for 0.0.0.0 (#3259)
|
2017-05-08 01:44:42 -07:00 |
|
Nick Anderson
|
8fdb0a6945
|
Adding distributed workid to carver (#3252)
|
2017-05-05 15:14:21 -07:00 |
|
Seshu Pasam
|
4cfb31452c
|
Docker support (#3241)
|
2017-05-05 09:53:12 -07:00 |
|
Nick Anderson
|
04dbbebeac
|
[Fix 3249] Addressing permissive build fail (#3250)
|
2017-05-04 23:33:32 -07:00 |
|
Teddy Reed
|
582ab52e8f
|
build: Remove SYSTEMD and _BASED logic (#3245)
|
2017-05-03 22:28:33 -07:00 |
|
lxcode
|
9482220bf0
|
Make sysctls work on FreeBSD (#3242)
|
2017-05-02 18:25:25 -07:00 |
|
Teddy Reed
|
bc13431394
|
freebsd: Fix tests and additional_tests (process, config) (#3239)
|
2017-04-29 19:53:53 -07:00 |
|
Teddy Reed
|
6496c2eef7
|
database: Remove SKIP_ROCKSDB build option (#3235)
|
2017-04-28 17:48:45 -07:00 |
|
Teddy Reed
|
4372785d5d
|
Refactor build logic to allow optional: yara, tsk, lldpd (#3226)
|
2017-04-28 13:45:41 -07:00 |
|
ryanheffernan
|
0458abc453
|
Split Startup items 'path' column into 'path' and 'args'
|
2017-04-27 23:56:08 -04:00 |
|
lxcode
|
03a9798b7e
|
FreeBSD: add functional routes.cpp, unblacklist modules (#3225)
|
2017-04-27 16:34:31 -07:00 |
|
Teddy Reed
|
e52f85f95e
|
database: Move r/w reset lock for extensions (#3219)
|
2017-04-27 00:55:02 -07:00 |
|
Robin Breathe
|
cbc34c44fe
|
Darwin: Add channel column to wifi_status and wifi_survey tables (#3221)
|
2017-04-26 14:41:24 -07:00 |
|
ryanheffernan
|
62dda71321
|
Refactor Windows Service Table to use std::unique_ptr (#3203)
|
2017-04-24 12:16:10 -07:00 |
|
Teddy Reed
|
ca8a919602
|
database: Fix TSAN-detected reset lock inversion (#3207)
|
2017-04-24 07:51:05 -07:00 |
|
Teddy Reed
|
66c177945e
|
logger: Require an open DB for status logs (#3205)
|
2017-04-23 13:16:12 -07:00 |
|
Teddy Reed
|
8b58e13733
|
rpm: Improve librpm safety (#3200)
|
2017-04-23 12:36:39 -07:00 |
|
Teddy Reed
|
65ef94f053
|
logger: Fixes to allow plugins access to hostIDs (#3197)
|
2017-04-22 18:24:25 -07:00 |
|
Teddy Reed
|
0374fde651
|
[Fix #3194] Remove qualified name from parseEvent declaration (#3198)
|
2017-04-22 18:16:20 -07:00 |
|
Gregory Heimbuecher
|
c5fd96cdf3
|
Fix #2838: Adds the event_taps table to Darwin (#3188)
|
2017-04-21 15:55:12 -07:00 |
|
Grigoriy Chudnov
|
e3a2445480
|
Add database init retry (#3179)
|
2017-04-21 15:32:40 -07:00 |
|
Teddy Reed
|
e817f3919e
|
Add hardware_disabled_types flag to control hardware_events (#3190)
|
2017-04-21 11:14:35 -07:00 |
|
Mitchell Grenier
|
d5f002d447
|
Adding a table for Time Machine Backup Destinations (#3177)
|
2017-04-20 19:15:29 -07:00 |
|
Mitchell Grenier
|
8474cf640b
|
Drop permissions properly on Linux (#3187)
|
2017-04-20 19:02:09 -07:00 |
|
Nick Anderson
|
13524f8833
|
Adding file carving feature to osquery (#3038)
|
2017-04-20 19:00:26 -07:00 |
|
Dan Sedlacek
|
13aef1fb73
|
Windows Network Routes (#3040)
|
2017-04-19 20:03:20 -07:00 |
|
Nick Anderson
|
e3ebc47498
|
Grabbing additional data fields for windows event logs (#3183)
|
2017-04-19 16:09:49 -07:00 |
|
Nick Anderson
|
6ba48afef6
|
Adding support for quote wrapped windows event channels (#3175)
|
2017-04-19 09:18:44 -07:00 |
|
tpott
|
17ab40db51
|
Add specified identifier via GFlags (#3165)
|
2017-04-18 22:30:55 -07:00 |
|
Nick Anderson
|
318dfe2d0d
|
Fixing stringToWstring crashes with wide character strings (#3170)
|
2017-04-18 09:25:30 -07:00 |
|
Nick Anderson
|
352b43a4d5
|
Adding bounds checks and key checks for appcompat shims table (#3169)
|
2017-04-16 16:14:17 -07:00 |
|
Teddy Reed
|
90078f15ea
|
events: Add hidden EID to all events tables (#3159)
|
2017-04-14 08:20:20 -07:00 |
|
Nick Anderson
|
6a90db47be
|
Adding the Windows Scheduled Tasks virtual table (#3153)
|
2017-04-13 07:53:49 -07:00 |
|
Teddy Reed
|
b3ee6c9a8d
|
tables: Fix table metadata when constraints are used (#3151)
|
2017-04-12 21:48:28 -07:00 |
|
Teddy Reed
|
649afcfff1
|
events: Use generator-tables for event subscribers (#3150)
|
2017-04-12 21:45:41 -07:00 |
|
Teddy Reed
|
c5e6db36eb
|
events: Use poll instead of select for audit and udev (#3158)
|
2017-04-12 16:10:11 -07:00 |
|
Teddy Reed
|
5fd11260ad
|
inotify: Use poll over select in inotify publisher (#3157)
|
2017-04-12 16:09:48 -07:00 |
|
Teddy Reed
|
ae4cb0ba28
|
extensions: Catch Thrift transport close exception (#3160)
|
2017-04-10 22:37:56 -07:00 |
|
Teddy Reed
|
67440ab101
|
tests: Rewrite and add filesystem tests (#3156)
|
2017-04-10 21:32:16 -07:00 |
|
yying
|
31b78cb996
|
Adding hostIdentifier, calendarTime, unixTime to status logging (#3146)
|
2017-04-10 11:56:23 -07:00 |
|
Teddy Reed
|
201fbc6707
|
extensions: Improve extensions and interface headers (#3154)
|
2017-04-10 08:59:06 -07:00 |
|
Teddy Reed
|
76fe5d748c
|
logging: Allow Glog reentrancy (#3142)
|
2017-04-06 15:57:44 -07:00 |
|
ryanheffernan
|
d1a191cbd2
|
Adding 32-bit Items to Windows startup_info table (#3144)
|
2017-04-06 14:46:05 -07:00 |
|
Teddy Reed
|
7fdbfe2a77
|
freebsd: Link rocksdb-lite (#3141)
|
2017-04-05 16:46:04 -07:00 |
|
ryanheffernan
|
f32ceb306b
|
Adding Windows Startup Info Table (#3137)
|
2017-04-05 15:14:28 -07:00 |
|
ryanheffernan
|
da427ab6c0
|
[Fix #3138] Adding index on 'key' column of Windows Registry table (#3139)
|
2017-04-05 13:02:36 -06:00 |
|
Teddy Reed
|
23f2c3a4ff
|
remote: Fix output size for TLS compression (#3133)
|
2017-04-04 18:48:31 -07:00 |
|
ryanheffernan
|
c91b905091
|
Allowing OR clause in registry virtual table (#3136)
|
2017-04-04 15:43:06 -07:00 |
|
yying
|
20f8e6cd5a
|
Adding Status Logging to AWS Kinesis/Firehose Logger Plugins (#3115)
|
2017-04-04 09:54:56 -07:00 |
|
ryanheffernan
|
5d6ea77efd
|
[Fix #3129] Check malloc result for WEL XML buffer before calling EvtRender (#3130)
|
2017-04-04 09:52:29 -07:00 |
|
Teddy Reed
|
c24603d8c9
|
logger: Add logger_min_status and disable stderr with stdout (#3131)
|
2017-04-04 08:12:26 -07:00 |
|
Teddy Reed
|
ed2a6b2b6c
|
deps: Update thrift to 0.10.0 (#3127)
|
2017-04-03 00:06:22 -07:00 |
|
Teddy Reed
|
cea8da9829
|
freebsd: Add lldpd to dependencies (#3124)
|
2017-04-02 13:04:10 -07:00 |
|
Teddy Reed
|
e330203e9d
|
Remove enable_monitor flag functions (#3123)
|
2017-04-01 23:05:45 -07:00 |
|
Teddy Reed
|
7b6e4c7a27
|
audit: Optimize user_events and add auid (#3120)
|
2017-03-31 08:30:45 -07:00 |
|
Allan Liu
|
1555989cd2
|
prometheus_metrics: exposed request timeout configuration (#3113)
|
2017-03-31 07:54:34 -07:00 |
|
yying
|
5bbff29387
|
Locking issue with osquery::resetDatabase (#3116)
|
2017-03-30 09:34:31 -07:00 |
|
ryanheffernan
|
fdf07f590f
|
Adding Globbing Support for Windows Registry Table (#3100)
|
2017-03-28 18:17:46 -07:00 |
|
Teddy Reed
|
e9500c218c
|
freebsd: Update provision script for CI (#3112)
|
2017-03-26 23:53:06 -07:00 |
|
Teddy Reed
|
0ac90e75fa
|
extensions: shell: Check for socket path ownership (#3109)
|
2017-03-26 21:24:24 -07:00 |
|
Teddy Reed
|
0eddc3e613
|
tables: Add macOS python2.7 frameworks (#3108)
|
2017-03-26 19:44:23 -07:00 |
|
Teddy Reed
|
396201b2fb
|
extensions: No not use noverbose in autoloading (#3107)
|
2017-03-26 19:43:50 -07:00 |
|
Rubab-Syed
|
92e545e6bf
|
Python packages (#3089)
|
2017-03-26 00:03:10 -07:00 |
|
Teddy Reed
|
345c511a61
|
hash: Only return hashes for files hashed (#3106)
|
2017-03-25 18:03:21 -07:00 |
|
Allan Liu
|
f7747726b8
|
pci_devices: unique_ptr wrapper for udev pointers (#3094)
|
2017-03-24 19:10:55 -07:00 |
|
Teddy Reed
|
f6f9480874
|
extensions: Preserve environment in auto-loaded extensions (#3101)
|
2017-03-24 18:47:23 -07:00 |
|
ryanheffernan
|
995648f337
|
[Fix #3097] Fixing Crash when sanitizing REG_NONE types from Windows Registry (#3098)
|
2017-03-24 18:46:01 -07:00 |
|
Nick Anderson
|
198ee7ab89
|
Change users table to query from registry instead of WMI (#3095)
|
2017-03-23 09:18:06 -07:00 |
|
Teddy Reed
|
bc85f726ad
|
events: Execute schedule before expiring (#3091)
|
2017-03-21 12:38:04 -07:00 |
|
Teddy Reed
|
c36a6253b5
|
packs: Run centos and ubuntu platforms on all Linux (#3088)
|
2017-03-21 01:11:57 -07:00 |
|
Teddy Reed
|
69bb69fd6d
|
events: Inspect schedule and improve tests (#3087)
|
2017-03-20 22:03:09 -07:00 |
|
Nick Anderson
|
05c32bf9ad
|
Adding a warning when read surpasses limits in hash table (#3090)
|
2017-03-20 10:31:55 -07:00 |
|
Teddy Reed
|
43eddc0bf3
|
watcher: Set default memory limit to 200M (#3086)
|
2017-03-18 16:38:47 -07:00 |
|
Mitchell Grenier
|
9715fdbd84
|
Adding discovery query support to distributed queries (#3049)
|
2017-03-17 22:00:45 -07:00 |
|
ryanheffernan
|
5671bb720b
|
Refactoring Windows Registry table to be more like the file table (#3073)
|
2017-03-17 12:47:11 -07:00 |
|
Teddy Reed
|
7b6d026820
|
rocksdb: Update to 5.0 and use DeleteRange for expirations (#3066)
|
2017-03-17 12:40:07 -07:00 |
|
Teddy Reed
|
3a5aca9c94
|
Add getQueryTables to inspect tables scanned (#3056)
|
2017-03-15 18:48:01 -07:00 |
|
Teddy Reed
|
1e71f4aab8
|
Introduce generator/yield-style virtual tables (#3060)
|
2017-03-15 18:46:42 -07:00 |
|
Zachary Wasserman
|
cea5981182
|
Fix platform detection in os_version table on CentOS6 (#3071)
|
2017-03-15 18:41:13 -07:00 |
|
Teddy Reed
|
bd88d0059a
|
rocksdb: Set a max size for RocksDB MANIFEST logs (#3065)
|
2017-03-13 20:35:07 -07:00 |
|
Teddy Reed
|
370b319237
|
Remove include of thrift/TOutput (#3063)
|
2017-03-13 17:33:42 -07:00 |
|
Nick Anderson
|
c8c5b7fa22
|
[Fix #3051] Adding header include to fix __cpuidex fail (#3052)
|
2017-03-10 13:45:11 -08:00 |
|
Nick Anderson
|
d65899a7cf
|
Bumping cpp-netlib and boost libs (#3046)
|
2017-03-08 14:51:41 -08:00 |
|
Andrew Rose
|
a57e409bea
|
chrome_extensions table with basic localization support (#3017)
|
2017-03-01 14:33:46 -08:00 |
|
Allan Liu
|
0cf0c3b428
|
lldp_neighbors: posix table spec and table implementation (#2957)
|
2017-02-28 10:02:13 -08:00 |
|
Teddy Reed
|
f5bcc66ee3
|
Add SMEP/SMAP and other CPUID features (#3024)
|
2017-02-28 05:22:29 -08:00 |
|
Allan Liu
|
3c3d649b1e
|
Prometheus Metrics table (#2925)
|
2017-02-26 21:59:51 -08:00 |
|
Teddy Reed
|
5604a7a99b
|
freebsd: Rollup of build and source fixes (#3022)
|
2017-02-26 18:25:49 -08:00 |
|
Santosh Ananthakrishnan
|
d3adaedbb1
|
Allow reloading filesystem config with --config_refresh (#2967)
|
2017-02-26 17:45:06 -08:00 |
|
Teddy Reed
|
0de5d3c381
|
external: Enable external applications through make external (#3023)
|
2017-02-26 17:38:01 -08:00 |
|
Teddy Reed
|
a70587346b
|
remote: Edge case for Windows 2012 errors (#3021)
|
2017-02-26 02:59:35 -08:00 |
|
Teddy Reed
|
4c48973634
|
deps: Add patch to cpp-netlib for HTTPS IPv6 (#3020)
|
2017-02-25 19:11:38 -08:00 |
|
Teddy Reed
|
3e6e9769fe
|
linux: Fix SMBIOS reading from EFI systab (#3018)
|
2017-02-24 00:52:20 -08:00 |
|
Nick Anderson
|
5299e26bd3
|
Updating users table to pickup users with no profile (#3009)
|
2017-02-23 20:01:36 -08:00 |
|
Teddy Reed
|
86e6bd1a73
|
Add additional regions to AWS Kinesis (#3013)
|
2017-02-21 20:52:10 -08:00 |
|
Teddy Reed
|
d1d21cda78
|
darwin: Use boost shared_mutex for OS X (#3003)
|
2017-02-15 14:17:40 -08:00 |
|
yying
|
d5cb6a3784
|
Adding flags to enable CFI on Windows (#2986)
|
2017-02-10 18:10:22 -08:00 |
|
Nick Anderson
|
6ab460f5db
|
Moving default channel list to default flag value (#2981)
|
2017-02-07 19:10:37 -08:00 |
|
Teddy Reed
|
65bfcda995
|
linux: memory_map additional out of range check (#2984)
|
2017-02-07 19:06:13 -08:00 |
|
cmillikin
|
ce773648b6
|
linux: Fix memory_map bug line out of range (#2983)
|
2017-02-07 17:48:34 -08:00 |
|
Teddy Reed
|
f8c16b0316
|
extensions: Gate access to resource state within Handler (#2975)
|
2017-02-07 11:45:55 -08:00 |
|
Javier Marcos
|
d2e7295462
|
Catch exception when parsing carbon black ini/settings file (#2972)
|
2017-02-06 18:27:57 -08:00 |
|
Teddy Reed
|
78ed32a673
|
events: Add locks around publisher and subscriber name accesses (#2969)
|
2017-02-06 01:17:38 -08:00 |
|
Teddy Reed
|
952ddac9db
|
tests: Reduce large file test to 20M (#2971)
|
2017-02-06 00:55:17 -08:00 |
|
Teddy Reed
|
f95b14ac95
|
worker: Prefer null character over spaces when clearing argv (#2968)
|
2017-02-06 00:51:05 -08:00 |
|
Teddy Reed
|
691aefe1f8
|
sql: Reorder SQLite manager mutex locking (#2965)
|
2017-02-03 22:58:09 -08:00 |
|
Teddy Reed
|
f54a974ff6
|
events: Fix locking around FSEvents (#2966)
|
2017-02-03 22:57:38 -08:00 |
|
Mike Arpaia
|
7a019d8226
|
Bundle cURL PEM into packages (#2950)
|
2017-02-02 20:46:13 -08:00 |
|
Nick Anderson
|
e961fc850e
|
Adding the Windows event log publisher (#2937)
|
2017-02-02 17:05:58 -08:00 |
|
Nick Anderson
|
11da0674e6
|
Converting fileops to support Windows 7 (#2952)
|
2017-02-01 10:08:48 -08:00 |
|
Jonathan Lee
|
a1de136c1a
|
Change logging level in certain cases (#2896)
|
2017-01-31 08:07:42 -08:00 |
|
Mitchell Grenier
|
9c3ef43806
|
Adding success awareness to TLS config plugin (#2877)
|
2017-01-30 14:08:37 -08:00 |
|
Teddy Reed
|
2e5662a4c4
|
Address the invalid uid for Linux processes (#2946)
|
2017-01-28 13:34:42 -08:00 |
|
Teddy Reed
|
73a0184ca4
|
Add externals subdirectory within osquery subdirectory (#2948)
|
2017-01-28 13:19:47 -08:00 |
|
Mike Arpaia
|
2ad1d8839f
|
Introduce two new host identifier options (#2944)
|
2017-01-27 17:56:50 -08:00 |
|
lambda-conjecture
|
88d9ae8a3d
|
Handle corrupted rocksdb database (#2884)
|
2017-01-27 16:21:07 -08:00 |
|
Teddy Reed
|
487f7ee59b
|
extensions: Select ephemeral path for shell socket (#2945)
|
2017-01-27 15:56:40 -08:00 |
|
Teddy Reed
|
bdf65e360e
|
Allow autoload extensions to retry loading (#2932)
|
2017-01-26 12:33:23 -08:00 |
|
Teddy Reed
|
58ed5cc628
|
Introduce scheduler reload feature (#2917)
|
2017-01-25 17:48:33 -08:00 |
|
Teddy Reed
|
976db066c0
|
Use logtostderr in initStatusLogger (#2936)
|
2017-01-25 14:52:58 -08:00 |
|
Samuel Keeley
|
743580f208
|
Add country_code to wifi_status and wifi_survey tables. (#2940)
|
2017-01-25 10:20:39 -08:00 |
|
Nick Anderson
|
476cd714f4
|
Adding warning line for registry queries against HKCU (#2938)
|
2017-01-24 15:09:40 -08:00 |
|
lambda-conjecture
|
721dd1ed62
|
Fix column order and repeated columns in distributed query (#2926)
|
2017-01-20 22:52:47 -08:00 |
|
Teddy Reed
|
cdb0bef64c
|
Emit only ERROR logs to osqueryd stderr (#2928)
|
2017-01-19 23:22:41 -08:00 |
|
Teddy Reed
|
eb565bb8e1
|
Do not exit watcher after failed autoloaded extensions (#2927)
|
2017-01-19 21:00:49 -08:00 |
|
Teddy Reed
|
b2a90cd6e4
|
Do not control stderr teeing automatically (#2919)
|
2017-01-17 17:18:03 -08:00 |
|
Teddy Reed
|
2713926990
|
Fix deadlock in decorator execution (#2916)
|
2017-01-17 17:13:09 -08:00 |
|
Teddy Reed
|
aa5f52b5c7
|
Fix Darwin processes on_disk column (#2918)
|
2017-01-17 17:12:42 -08:00 |
|
Teddy Reed
|
f9599d60d0
|
Move Mutex to shared_timed_mutex and add ReadLock (#2915)
|
2017-01-15 02:16:40 -08:00 |
|
Teddy Reed
|
a6669409a1
|
Disable query caching in TLSServerRunner (#2914)
|
2017-01-15 02:05:26 -08:00 |
|
Teddy Reed
|
214eeca44a
|
Allow POSIX to gracefully stop workers (#2909)
|
2017-01-15 01:25:59 -08:00 |
|
Teddy Reed
|
1d758b1d9a
|
Allow watchdog watcher to wait for child exits (#2908)
|
2017-01-12 18:09:46 -08:00 |
|
Mike Arpaia
|
762e31a001
|
Uptime implementation on Windows (#2906)
|
2017-01-11 21:25:39 -08:00 |
|
Nick Anderson
|
57a6a9441e
|
moving #pragma comment statements to CMakeLists (#2904)
|
2017-01-11 16:54:13 -08:00 |
|
Teddy Reed
|
5097dfe775
|
config: Add schedule lock during source update (#2902)
|
2017-01-11 00:05:01 -08:00 |
|
Teddy Reed
|
d665b9b759
|
homebrew_packages: Search above Homebrew for Cellars (#2901)
|
2017-01-10 21:15:05 -08:00 |
|
Teddy Reed
|
0178419085
|
Add a TLS config plugin test that runs the scheduler (#2898)
|
2017-01-10 19:52:58 -08:00 |
|
Dan Sedlacek
|
1d604fc1af
|
[windows] arp_cache virtual table (#2839)
|
2017-01-10 19:09:46 -08:00 |
|
Nick Anderson
|
0307ec3f3a
|
Adding the windows logged_in_users virtual table (#2891)
|
2017-01-08 13:19:09 -08:00 |
|
Teddy Reed
|
0e9733f94c
|
Simplify Registry and plugin concepts (#2887)
|
2017-01-07 12:21:35 -08:00 |
|
Nick Anderson
|
91ecf22e44
|
Updating processes table to contain UID and GID (#2889)
|
2017-01-04 08:41:06 -08:00 |
|
Jonathan Lee
|
383e07e5be
|
[Fix #2734] Remove OpenSSL link dependency for osquery core (#2750)
|
2016-12-22 00:37:59 -08:00 |
|