valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 18:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,621 Commits 2 Branches 109 Tags 25 MiB
e69f72cd56
Commit Graph

1621 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mitchell Grenier
9a1fdf0cbe eXtended attribute table optimization attack surface minification 
The extended attributes table used to have its own parsing algorithm
and functions. These are unnecessary because osquery has built in PLIST parsing
provided by the operating system. Thus, I've moved the code to using that and
removed the xattr tests because they only tested the now non-existant parsing.

Further, the files have been renamed so they should now play nice with the
included profiler.
 2015-04-02 13:27:12 -07:00
Mitchell Grenier
1a7dce6453 Merge pull request #917 from jedi22/firefox_plugins 
Adding the ability to get addons in Ubuntu
 2015-04-02 10:45:08 -07:00
Javier Marcos
796259a36e Merge pull request #925 from maus-/patch-2 
Cleaned up Vagrantfile
 2015-04-01 13:59:20 -07:00
maus-
e9631bd823 Update Vagrantfile 
Forgive me as I've forgotten how to read
 2015-04-01 13:22:22 -07:00
maus-
fc950e702b Update Vagrantfile 2015-04-01 12:25:10 -07:00
maus-
6c3ef967b5 Cleaned up Vagrantfile 
Forgot a line, my bad!
 2015-04-01 12:22:40 -07:00
Mitchell Grenier
560bfcdc02 Adding the ability to get addons in Ubuntu 
I added a couple preprocessor macros so the table can be used under all linux distros
 as well
 2015-04-01 10:41:56 -07:00
Teddy Reed
b1640a9c0c Merge pull request #906 from eastebry/902_clean_option 
Added clean options, general osqueryctl cleanups
 2015-03-31 22:17:38 -07:00
Bryan Eastes
afe76d4f6e Added clean options, general osqueryctl cleanups 2015-03-31 21:50:28 -07:00
Teddy Reed
8482b618e3 Merge pull request #918 from maus-/patch-1 
Cleaned up Vagrantfile
 2015-03-31 20:31:35 -07:00
maus-
016fe5a0d5 Cleaned up Vagrantfile 2015-03-31 19:53:29 -07:00
Mitchell Grenier
4c1d25bc12 Merge pull request #921 from jedi22/keychain_seg_fix 
[Fix #919] Fixing segfault for non-existent path in keychain_items
 2015-03-31 18:42:06 -07:00
Mitchell Grenier
57afea9449 Quick segfault fix 2015-03-31 18:20:27 -07:00
maus-
d033190cbf Cleaned up Vagrantfile 2015-03-31 16:57:25 -07:00
Teddy Reed
800dc7745e [#907] Bump tp to prefer non-execl logs 2015-03-30 15:36:56 -07:00
Teddy Reed
433931094a Merge pull request #914 from theopolis/date_logs 
[Fix #907] Use glog to log to data-identified files
 2015-03-30 14:07:06 -07:00
Teddy Reed
53782c1c7c [Fix #907] Use glog to log to data-identified files 2015-03-30 12:49:57 -07:00
Teddy Reed
448215aa41 Merge pull request #899 from theopolis/pkg_tables 
[#890] Add package_receipts/package_bom OS X tables
 2015-03-30 10:38:07 -07:00
Teddy Reed
2a29651b2e Merge pull request #912 from theopolis/external_registry 
Declare extension registries 'external'
 2015-03-30 09:54:35 -07:00
Teddy Reed
fc623d98d5 Declare extension registries 'external' 2015-03-30 02:03:26 -07:00
Teddy Reed
52a3dd5f86 Remove '_' in ubuntu package revision 2015-03-29 12:28:10 -06:00
Teddy Reed
692c1b1751 Add package_receipts/package_bom OS X tables 2015-03-27 23:12:09 -07:00
Teddy Reed
d9d068bb5d Merge pull request #910 from theopolis/centos_pkgs 
Remove snappy/libproc from CentOS deps
 2015-03-27 20:04:45 -07:00
Teddy Reed
c37474775c Remove snappy/libproc from CentOS deps 2015-03-27 19:19:55 -07:00
Teddy Reed
76e769d95e Merge pull request #908 from theopolis/linux_process_opt 
Remove libprocps(ng) in favor of parsing proc manually
 2015-03-27 12:51:25 -07:00
Teddy Reed
020cf83046 Merge pull request #905 from theopolis/config_update_extension 
Add 'update' action to ConfigPlugin call
 2015-03-27 12:38:41 -07:00
Teddy Reed
38bfed3414 Remove libprocps(ng) in favor of parsing proc manually 2015-03-27 12:37:16 -07:00
Mike Arpaia
80a4a16ba0 Merge pull request #904 from theopolis/manage_exts 
Prevent extensions autoload when extensions are disabled
 2015-03-27 10:58:54 -07:00
Teddy Reed
4fc274201c Add 'update' action to ConfigPlugin call 
ConfigPlugin items can use action='update' along with a single
source, data to add to the config structure. If multiple external
sources update at the same time, multiple 'update' actions are needed.
 2015-03-24 20:59:33 -07:00
Teddy Reed
ec3854ced0 Prevent extensions autoload when extensions are disabled 2015-03-24 17:44:49 -07:00
Teddy Reed
2ba009de2d Merge pull request #889 from theopolis/config_update 
Support specific config source async updating
 2015-03-24 16:55:12 -07:00
Teddy Reed
7fbc7140ca Merge pull request #901 from theopolis/better_events 
Reduce restart times for event runloops
 2015-03-24 16:42:44 -07:00
Teddy Reed
14a09cc6f2 Change schedule to a map, splay on config update 2015-03-24 16:28:49 -07:00
Teddy Reed
a97d557e5a Add shared lock RAII helper around config access 2015-03-24 16:27:35 -07:00
Teddy Reed
5b227c8e3d Scheduler organization for async config updates 2015-03-24 16:27:35 -07:00
Teddy Reed
2c4d9a8c88 Support specific config source async updating 2015-03-24 16:27:35 -07:00
Teddy Reed
eee5b7d462 Reduce restart times for event runloops 2015-03-24 16:27:07 -07:00
Teddy Reed
77022f9d52 Merge pull request #900 from dreid/patch-1 
Correct typo: hose -> host.
 2015-03-24 13:46:26 -07:00
David Reid
580fb6739e Correct typo: hose -> host. 2015-03-24 13:31:25 -07:00
Teddy Reed
aca6839a44 Merge pull request #897 from theopolis/ad_config 
[#892] Adding ad_config table to OS X
 2015-03-24 00:29:51 -07:00
Mitchell Grenier
08ecd2ed80 Merge pull request #883 from jedi22/backslash_fix 
[Fix #877] Removing an extra escape
 2015-03-23 17:39:19 -07:00
Mitchell Grenier
c8e116aa7d Reinstated the extra escape with changes 
I put the original escape back in but redirected the call to a new function
that will escape characters in the form of \xNN when:

`byte < 0x20 || byte >= 0x80`

This leaves slashes alone and should fix this issue.

UPDATE: Tests have also been added. Added an English test to test for NOP.
 2015-03-23 10:49:28 -07:00
Teddy Reed
6d0e64d548 Adding ad_config table to OS X 2015-03-23 10:10:01 -07:00
Teddy Reed
0aec983b0e Merge pull request #896 from theopolis/fix_895 
[Fix #895] Prevent subkey stacking in preferences
 2015-03-22 18:56:52 -07:00
Teddy Reed
f25e151d9e [Fix #895] Prevent subkey stacking in preferences 2015-03-22 18:45:25 -07:00
Mike Arpaia
eda7726880 Merge pull request #891 from marpaia/host-identifier 
list the options for host_identifier flag
 2015-03-22 00:40:53 -07:00
mike@arpaia.co
cae5f7800d list the options for host_identifier flag 2015-03-22 00:38:11 -07:00
Teddy Reed
709723efda Merge pull request #880 from theopolis/shell_db 
Remove unused shell functions
 2015-03-19 21:33:37 -07:00
Mike Arpaia
c2e2641084 Merge pull request #887 from theopolis/homebrew_fix 
[Fix #885] Use list directories for homebrew
 2015-03-19 16:44:55 -07:00
Mike Arpaia
7a4c40ea05 Merge pull request #886 from theopolis/init_fix 
[Fix #884] Remove return 1s when no action needed in init
 2015-03-19 16:44:24 -07:00