valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 01:55:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,304 Commits 2 Branches 109 Tags 25 MiB
e50a38490b
Commit Graph

137 Commits

Author SHA1 Message Date
Nick Anderson
e50a38490b
bug: wait for service thread to finish before exiting with SCM (#4386) 2018-05-11 14:30:16 -07:00
Nick Anderson
6eb695bf9b
service: add full path for service binary (#4316) 2018-05-01 20:47:22 -07:00
Nick Anderson
305108155a
bug: handle windows service shutdowns gracefully (#4286) 2018-04-18 07:51:04 -07:00
uptycs-nishant
c475fe880b TLS session reuse support (#3948) 2018-02-11 01:48:24 -08:00
Teddy Reed
6f20eced93
thrift: Optionally build and link with fbthrift (#4105) 2018-02-10 23:37:15 -08:00
Teddy Reed
00040c6c1a
feature: URI parsing from folly (#4035) 2018-01-06 20:26:36 -08:00
Teddy Reed
f6d077cbf7
license: Change license to Apache 2.0 and GPLv2 (#4007) 2017-12-18 16:04:06 -08:00
Nick Anderson
1097827ca2
daemon: set service status to SERVICE_STOPPED on exit (#3973) 2017-11-29 21:12:49 -08:00
Teddy Reed
3ad5267642
[Fix #3941] Stop renaming worker and extension argv[0] (#3943) 2017-11-20 07:24:55 -08:00
Teddy Reed
a7c2669ba3
tidy: Improve clang-tidy (modernize) list of checks and run across codebase (#3870) 2017-10-29 22:25:49 -07:00
Teddy Reed
4aa3db30ca [Fix #3859] Lock every access to SQLiteDBInstance::db (#3883) 2017-10-24 11:40:26 -07:00
Teddy Reed
676430b019 [Fix #3831] Do not lock kAttachMutex within shell callbacks (#3837) 2017-10-16 13:46:14 -07:00
Nick Anderson
4ac3f42656 [Fix #3619] Better shutdown logic for Windows service controller (#3698) 2017-09-18 14:15:09 -07:00
Nick Anderson
072e73b54d shell: ensuring shell does not access stop event (#3664) 2017-09-08 13:03:31 -07:00
Nick Anderson
2a317ce17f worker: shutdown safely on Windows only if not worker (#3628) 2017-08-30 08:45:56 -07:00
Teddy Reed
f29de27649 Combine osqueryi and osqueryd into single binary (#2742) 2017-08-27 11:09:25 -07:00
Teddy Reed
f8f5718297 watcher: Do not initialize the config in watcher (#3403) 2017-06-13 17:26:34 -07:00
Teddy Reed
70f30b99d8 watcher: Rename instance to get for consistency (#3359) 2017-05-29 17:16:19 -07:00
Teddy Reed
f6f9480874 extensions: Preserve environment in auto-loaded extensions (#3101) 2017-03-24 18:47:23 -07:00
Teddy Reed
69bb69fd6d events: Inspect schedule and improve tests (#3087) 2017-03-20 22:03:09 -07:00
Teddy Reed
0e9733f94c Simplify Registry and plugin concepts (#2887) 2017-01-07 12:21:35 -08:00
Teddy Reed
e9bbe1d624 Add Linux audit benchmarks (#2834) 2016-12-03 12:36:55 -08:00
Teddy Reed
62608f9a08 Minor reorganization of osqueryi linking (#2724) 2016-11-06 01:17:48 -08:00
Jonathan Lee
f529fc3a30 [Fix #2652] Shorten long lines (#2664) 2016-10-21 22:08:59 -07:00
Nick Anderson
87c9a6ae24 Adding cppcheck analysis script (#2661) 2016-10-21 14:27:10 -07:00
Nick Anderson
81d2794b26 platformGetUid returns 0 for Administrator user (#2643) 2016-10-19 10:25:32 -07:00
Teddy Reed
9a0c5c4556 deps: Use linenoise-ng for all platforms (#2613) 2016-10-11 22:16:21 -07:00
yying
7b5365d986 Ability to parse arguments for Windows Services (#2536) 2016-09-27 14:40:44 -07:00
Teddy Reed
4d1451c9b4 Add extensions SDK incompatibility checking (#2527) 2016-09-26 17:32:41 -07:00
yying
bb7d558681 Update service status to prevent "Terminated Unexpectedly" error (#2515) 2016-09-23 20:05:56 -07:00
Nick Anderson
83442532d7 Added flagfile to Windows service install (#2509) 2016-09-22 17:44:21 -07:00
Nick Anderson
5877c3d464 Removing service start functionality (#2464) 2016-09-16 15:17:03 -07:00
Nick Anderson
386f123e03 Changing windows service name for parity with other platforms (#2465) 2016-09-16 15:16:48 -07:00
yying
a27d6567e4 Core and Additional Tests (#2441) 2016-09-12 09:46:52 -07:00
yying
84e6a3401a Reducing compiler warnings and fails on warn in VS (#2433) 2016-09-02 15:04:03 -07:00
Nick Anderson
feb18c6173 Adding install/uninstall flags to daemon (#2379) 2016-08-17 09:23:11 -07:00
Gary
8f57d2ea81 Change second FLAGS_pofile_delay to seconds (#2359) 2016-08-15 08:30:20 -07:00
Teddy Reed
791dd4038a [Fix #2342] Use seconds for --profile_delay precision (#2348) 2016-08-11 07:49:55 -07:00
Teddy Reed
f3f605e26a Introduce a PLATFORM_MASK and isPlatform (#2334) 
Along with the platform defines and platform string defines provided by
CMake to the build, add a PLATFORM_MASK define.

Use this define as a platform-type mask with the PlatformType enum.
 2016-08-09 20:27:42 -07:00
yying
0ef284b8e7 Changes to make osqueryd/osqueryi mostly build sans cputime/uptime tables (#2283) 2016-07-25 11:58:55 -07:00
yying
2fb3797c53 Changes to support building a osquery Windows service. (#2278) 2016-07-22 13:29:37 -07:00
yying
547e8f961c CMake configuration file changes to support Windows (#2258) 2016-07-20 23:48:55 -07:00
Zachary Wasserman
8161a5f0a8 Add autocompletion of table names in osqueryi (#2236) 2016-07-14 14:15:32 -07:00
Teddy Reed
48cb4d555d Add systemLog API (#2229) 
This includes a minor SDK refactor as it move quite a few specialized
functions and facilities from core.h into system.h. There was a breaking point
for needing to frequently update core includes.

The new logger systemLog function allows a call site to bypass logging config
and write a line to the OS logger (aka syslog).
 2016-07-07 15:16:28 -07:00
artemdinaburg
e6fbde820e Windows Daemon/Shell: Make osquery code more Windows-friendly (#2188) 2016-07-01 14:56:07 -07:00
Nick Anderson
cf30388705 Moved test_utils to it's own directory out of core. Updated references (#2154) 2016-06-09 10:49:26 -07:00
Sharvil Shah
8b0e6e138f Fix benchmark target and bump version of google-benchmark to 1.0.0 (#2065) 2016-05-19 11:56:54 -07:00
yying
15d1455957 Process Operations - osquery/core Integration (#2087) 
This integrates the process abstraction operations within osquery core.
 2016-05-13 19:47:45 -07:00
Teddy Reed
0ffe0c9d16 Add --pack flag to the shell (#2093) 
This introduces a new testing-related flag to the osqueryi shell.
The --pack flag takes a single argument, the name of a configured pack.

To list the configured packs try:
$ osqueryi -A osquery_packs

To run all queries, immediately and serially, try:
$ osqueryi --pack NAME_OF_PACK
 2016-05-12 09:22:05 -07:00
yying
63c0258aec Abstracted platform specific process operations into a common interface. (#2069) 
Added Windows support for process operations.
Added unit tests for process abstraction code for POSIX and Windows.
Modified CMake config files to support building the new code and unit tests.
 2016-05-11 14:16:32 -07:00