Teddy Reed
|
65bfcda995
|
linux: memory_map additional out of range check (#2984)
|
2017-02-07 19:06:13 -08:00 |
|
cmillikin
|
ce773648b6
|
linux: Fix memory_map bug line out of range (#2983)
|
2017-02-07 17:48:34 -08:00 |
|
Teddy Reed
|
f8c16b0316
|
extensions: Gate access to resource state within Handler (#2975)
|
2017-02-07 11:45:55 -08:00 |
|
Javier Marcos
|
d2e7295462
|
Catch exception when parsing carbon black ini/settings file (#2972)
|
2017-02-06 18:27:57 -08:00 |
|
Teddy Reed
|
78ed32a673
|
events: Add locks around publisher and subscriber name accesses (#2969)
|
2017-02-06 01:17:38 -08:00 |
|
Teddy Reed
|
952ddac9db
|
tests: Reduce large file test to 20M (#2971)
|
2017-02-06 00:55:17 -08:00 |
|
Teddy Reed
|
f95b14ac95
|
worker: Prefer null character over spaces when clearing argv (#2968)
|
2017-02-06 00:51:05 -08:00 |
|
Teddy Reed
|
691aefe1f8
|
sql: Reorder SQLite manager mutex locking (#2965)
|
2017-02-03 22:58:09 -08:00 |
|
Teddy Reed
|
f54a974ff6
|
events: Fix locking around FSEvents (#2966)
|
2017-02-03 22:57:38 -08:00 |
|
Mike Arpaia
|
7a019d8226
|
Bundle cURL PEM into packages (#2950)
|
2017-02-02 20:46:13 -08:00 |
|
Nick Anderson
|
e961fc850e
|
Adding the Windows event log publisher (#2937)
|
2017-02-02 17:05:58 -08:00 |
|
Nick Anderson
|
11da0674e6
|
Converting fileops to support Windows 7 (#2952)
|
2017-02-01 10:08:48 -08:00 |
|
Jonathan Lee
|
a1de136c1a
|
Change logging level in certain cases (#2896)
|
2017-01-31 08:07:42 -08:00 |
|
Mitchell Grenier
|
9c3ef43806
|
Adding success awareness to TLS config plugin (#2877)
|
2017-01-30 14:08:37 -08:00 |
|
Teddy Reed
|
2e5662a4c4
|
Address the invalid uid for Linux processes (#2946)
|
2017-01-28 13:34:42 -08:00 |
|
Teddy Reed
|
73a0184ca4
|
Add externals subdirectory within osquery subdirectory (#2948)
|
2017-01-28 13:19:47 -08:00 |
|
Mike Arpaia
|
2ad1d8839f
|
Introduce two new host identifier options (#2944)
|
2017-01-27 17:56:50 -08:00 |
|
lambda-conjecture
|
88d9ae8a3d
|
Handle corrupted rocksdb database (#2884)
|
2017-01-27 16:21:07 -08:00 |
|
Teddy Reed
|
487f7ee59b
|
extensions: Select ephemeral path for shell socket (#2945)
|
2017-01-27 15:56:40 -08:00 |
|
Teddy Reed
|
bdf65e360e
|
Allow autoload extensions to retry loading (#2932)
|
2017-01-26 12:33:23 -08:00 |
|
Teddy Reed
|
58ed5cc628
|
Introduce scheduler reload feature (#2917)
|
2017-01-25 17:48:33 -08:00 |
|
Teddy Reed
|
976db066c0
|
Use logtostderr in initStatusLogger (#2936)
|
2017-01-25 14:52:58 -08:00 |
|
Samuel Keeley
|
743580f208
|
Add country_code to wifi_status and wifi_survey tables. (#2940)
|
2017-01-25 10:20:39 -08:00 |
|
Nick Anderson
|
476cd714f4
|
Adding warning line for registry queries against HKCU (#2938)
|
2017-01-24 15:09:40 -08:00 |
|
lambda-conjecture
|
721dd1ed62
|
Fix column order and repeated columns in distributed query (#2926)
|
2017-01-20 22:52:47 -08:00 |
|
Teddy Reed
|
cdb0bef64c
|
Emit only ERROR logs to osqueryd stderr (#2928)
|
2017-01-19 23:22:41 -08:00 |
|
Teddy Reed
|
eb565bb8e1
|
Do not exit watcher after failed autoloaded extensions (#2927)
|
2017-01-19 21:00:49 -08:00 |
|
Teddy Reed
|
b2a90cd6e4
|
Do not control stderr teeing automatically (#2919)
|
2017-01-17 17:18:03 -08:00 |
|
Teddy Reed
|
2713926990
|
Fix deadlock in decorator execution (#2916)
|
2017-01-17 17:13:09 -08:00 |
|
Teddy Reed
|
aa5f52b5c7
|
Fix Darwin processes on_disk column (#2918)
|
2017-01-17 17:12:42 -08:00 |
|
Teddy Reed
|
f9599d60d0
|
Move Mutex to shared_timed_mutex and add ReadLock (#2915)
|
2017-01-15 02:16:40 -08:00 |
|
Teddy Reed
|
a6669409a1
|
Disable query caching in TLSServerRunner (#2914)
|
2017-01-15 02:05:26 -08:00 |
|
Teddy Reed
|
214eeca44a
|
Allow POSIX to gracefully stop workers (#2909)
|
2017-01-15 01:25:59 -08:00 |
|
Teddy Reed
|
1d758b1d9a
|
Allow watchdog watcher to wait for child exits (#2908)
|
2017-01-12 18:09:46 -08:00 |
|
Mike Arpaia
|
762e31a001
|
Uptime implementation on Windows (#2906)
|
2017-01-11 21:25:39 -08:00 |
|
Nick Anderson
|
57a6a9441e
|
moving #pragma comment statements to CMakeLists (#2904)
|
2017-01-11 16:54:13 -08:00 |
|
Teddy Reed
|
5097dfe775
|
config: Add schedule lock during source update (#2902)
|
2017-01-11 00:05:01 -08:00 |
|
Teddy Reed
|
d665b9b759
|
homebrew_packages: Search above Homebrew for Cellars (#2901)
|
2017-01-10 21:15:05 -08:00 |
|
Teddy Reed
|
0178419085
|
Add a TLS config plugin test that runs the scheduler (#2898)
|
2017-01-10 19:52:58 -08:00 |
|
Dan Sedlacek
|
1d604fc1af
|
[windows] arp_cache virtual table (#2839)
|
2017-01-10 19:09:46 -08:00 |
|
Nick Anderson
|
0307ec3f3a
|
Adding the windows logged_in_users virtual table (#2891)
|
2017-01-08 13:19:09 -08:00 |
|
Teddy Reed
|
0e9733f94c
|
Simplify Registry and plugin concepts (#2887)
|
2017-01-07 12:21:35 -08:00 |
|
Nick Anderson
|
91ecf22e44
|
Updating processes table to contain UID and GID (#2889)
|
2017-01-04 08:41:06 -08:00 |
|
Jonathan Lee
|
383e07e5be
|
[Fix #2734] Remove OpenSSL link dependency for osquery core (#2750)
|
2016-12-22 00:37:59 -08:00 |
|
Teddy Reed
|
8fcb3659ee
|
Fix OS X platform_info address column (#2880)
|
2016-12-16 18:20:24 -08:00 |
|
Teddy Reed
|
ae19b7797d
|
Allow EINTR within ThriftTransport (#2879)
|
2016-12-16 18:12:02 -08:00 |
|
Zachary Wasserman
|
b855366c3b
|
Generate random Kinesis partition keys per-record (#2872)
|
2016-12-16 16:34:02 -08:00 |
|
Teddy Reed
|
8bc2ad20cd
|
[Fix #2874] Check apt_sources resource initialization (#2878)
|
2016-12-15 20:55:24 -08:00 |
|
Ryan Holeman
|
31e395a078
|
Removed stream name checking for aws kinesis and firehose setup (#2867)
|
2016-12-15 10:56:27 -08:00 |
|
lambda-conjecture
|
83f7ebd564
|
Fix cpu_time for centos 6.8 (#2870)
|
2016-12-15 09:35:26 -08:00 |
|
Teddy Reed
|
3f827e50bd
|
Fix plist NSString raw pointer string conversion (#2865)
|
2016-12-12 18:00:49 -08:00 |
|
Phil Christensen
|
1c21fe4208
|
C++ conformance fixes (MSVC /permissive-) (#2860)
|
2016-12-12 00:23:08 -08:00 |
|
Teddy Reed
|
0017de5bf1
|
Add memory and utilization limit override flags (#2858)
|
2016-12-11 21:59:32 -08:00 |
|
Teddy Reed
|
eaf362fcb1
|
[#2849] Linux processes table cleanup (#2861)
|
2016-12-11 21:11:03 -08:00 |
|
Nick Anderson
|
b6b4ced56c
|
Fixing python installation path in Chocolatey (#2857)
|
2016-12-09 17:18:44 -08:00 |
|
Teddy Reed
|
dcbb32f442
|
Allow autoload paths to include directories (#2855)
|
2016-12-08 18:24:01 -08:00 |
|
Marc LeBourdais
|
790aa06b51
|
Add a flag for prepending @cee: to json-logged messages to syslog (#2854)
|
2016-12-08 17:35:20 -08:00 |
|
Teddy Reed
|
272771acb8
|
Improve RocksDB thread usage and write stalls (#2835)
|
2016-12-07 20:20:40 -08:00 |
|
Marc LeBourdais
|
aa08d487c9
|
Keep a local reference to the process name to avoid memory corruption (#2847)
|
2016-12-07 20:20:17 -08:00 |
|
lambda-conjecture
|
6e1af3954e
|
Add --enroll_always flag for TLS config plugin (#2827)
|
2016-12-06 21:56:56 -08:00 |
|
Nick Anderson
|
90e867de88
|
Fixed protocol values (#2846)
|
2016-12-06 15:09:30 -08:00 |
|
Nick Anderson
|
7f5345ec7e
|
Adding process_open_ports and listening_sockets virtual tables to Windows (#2760)
|
2016-12-06 14:25:08 -08:00 |
|
Dan Sedlacek
|
0fb983fe9b
|
add quickfixengineering patches virtual table (#2837)
|
2016-12-03 16:17:16 -08:00 |
|
Teddy Reed
|
5de5187657
|
Fix Linux processes table threads column (#2836)
|
2016-12-03 13:15:57 -08:00 |
|
Teddy Reed
|
e9bbe1d624
|
Add Linux audit benchmarks (#2834)
|
2016-12-03 12:36:55 -08:00 |
|
lambda-conjecture
|
cd761d1749
|
Fix deadlock in RocksDB log callback (#2749)
|
2016-12-02 23:24:08 -08:00 |
|
Jonathan Lee
|
e438971a08
|
Remove warning message during build (#2824)
|
2016-12-02 10:44:29 -08:00 |
|
Teddy Reed
|
5846c97d9e
|
Fix innocuous memory leak when exiting osqueryi (#2825)
|
2016-12-02 10:43:43 -08:00 |
|
Teddy Reed
|
cefaf0cc59
|
[#2809] Emit verbose warning on column collisions (#2810)
|
2016-11-30 14:06:19 -08:00 |
|
Teddy Reed
|
bf2efcb8c0
|
Use syscalls for dropping effective gid/uid on POSIX (#2806)
|
2016-11-29 09:30:56 -08:00 |
|
Teddy Reed
|
555d59eff6
|
Remove fsuid permissions drop for OS X and Linux (#2805)
|
2016-11-28 22:05:08 -08:00 |
|
Mitchell Grenier
|
55efc33327
|
Fix for interface column in routes table (#2803)
|
2016-11-28 19:36:33 -08:00 |
|
Mitchell Grenier
|
d01a6b148e
|
Adding a WiFi survey table (#2794)
|
2016-11-23 16:58:02 -08:00 |
|
Teddy Reed
|
0637f3c880
|
Manage queue configuration for Linux audit (#2792)
|
2016-11-23 15:40:14 -08:00 |
|
Mitchell Grenier
|
02b52005e0
|
Adding a table for currently connected WiFi information (#2793)
* Adding a table for currently connected WiFi information
* make format
* make format
* make format
* make format
* reed changes
* format
|
2016-11-22 23:37:14 -08:00 |
|
lambda-conjecture
|
ad4cf3ed90
|
Fix crash in FIM processing on Linux (#2751)
|
2016-11-22 17:53:07 -08:00 |
|
trizt
|
1cf5ef5a8a
|
Add Gentoo as a build environment and portage tables (#2638)
|
2016-11-22 14:55:30 -08:00 |
|
Teddy Reed
|
0ee1bbe739
|
Improve process_events on Linux (#2790)
|
2016-11-22 09:37:16 -08:00 |
|
Teddy Reed
|
deed140080
|
[#1773] Introduce multi-pack configuration syntax (#2787)
|
2016-11-22 09:35:03 -08:00 |
|
Teddy Reed
|
93ce41b5e4
|
Rename augeas path column to node (#2788)
|
2016-11-20 14:13:55 -08:00 |
|
Teddy Reed
|
7f1dbd604e
|
Remove readline from Linux provision (#2786)
|
2016-11-20 11:36:19 -08:00 |
|
Teddy Reed
|
d402a6ad45
|
Allow configuration JSON to include escaped newlines (#2785)
|
2016-11-19 15:01:40 -08:00 |
|
Teddy Reed
|
f111d4e10d
|
Sanity check Linux memory_map offsets (#2783)
|
2016-11-19 12:11:55 -08:00 |
|
Serey Ty
|
148eb41e4e
|
add drop fields to interface details (#2778)
|
2016-11-19 12:11:25 -08:00 |
|
Jonathan Lee
|
10d61c71b8
|
[Fix #2175] New test: zero permission file operations (#2711)
|
2016-11-18 08:12:27 -08:00 |
|
yying
|
ef3de3d030
|
Improved platformAccess functionality and improved formatting in fileops (#2743)
|
2016-11-18 00:15:23 -08:00 |
|
Teddy Reed
|
4fdea34a9d
|
[Fix #2446] Consolidate namedPipe into socketExists (#2712)
|
2016-11-16 19:32:22 -08:00 |
|
Nick Anderson
|
1a0aa988f1
|
Updating bytes written and read cursor index (#2767)
|
2016-11-16 17:04:17 -08:00 |
|
Teddy Reed
|
d3db14337e
|
deps: Linux: apt-pkg 1.3.1 (#2761)
|
2016-11-15 01:19:08 -08:00 |
|
Teddy Reed
|
d324504703
|
OS X: bypass ASL tests on 10.12 (#2759)
|
2016-11-14 22:17:48 -08:00 |
|
Nick Anderson
|
602f413950
|
[Fix #2733] Updated users table to parse all user profiles (#2737)
|
2016-11-12 19:49:33 -05:00 |
|
Jonathan Lee
|
b63b60e967
|
New table: sudoers (#2686)
|
2016-11-12 16:32:42 -05:00 |
|
Omer Katz
|
5b7655b96f
|
Add augeas table and libxml2 dependency (#2181)
|
2016-11-11 08:00:59 -08:00 |
|
knqyf263
|
6dd8d31ff4
|
Use decorateFileEvent for file_accesses without hashing (#2739)
|
2016-11-10 16:25:32 -08:00 |
|
Teddy Reed
|
10462b75f8
|
Add SGX CPU feature and availability detection to cpuid (#2738)
|
2016-11-09 22:32:15 -08:00 |
|
yying
|
d573cf8e16
|
Improvements to platformChmod for closer POSIX behavior on Windows (#2725)
|
2016-11-08 14:40:53 -08:00 |
|
Mohamed El-Shahawi
|
4935e84b17
|
Add virtual table: Windows Drivers (#2675)
|
2016-11-08 10:50:12 -08:00 |
|
Ryan Holeman
|
0b62245848
|
Fix for sending only failed data to kinesis on full or partial failed uploads (#2703)
|
2016-11-07 09:57:47 -08:00 |
|
Teddy Reed
|
62608f9a08
|
Minor reorganization of osqueryi linking (#2724)
|
2016-11-06 01:17:48 -08:00 |
|
Teddy Reed
|
59f0bad67c
|
Additional compiler checks, including shadow (#2486)
|
2016-11-06 01:17:04 -08:00 |
|
Teddy Reed
|
6ead016cbb
|
[Fix #2656] Refactor events_optimize to act per-query (#2665)
|
2016-11-05 22:03:45 -07:00 |
|
Nick Anderson
|
7d3d726ca6
|
Reduced size of 'large' test file (#2722)
|
2016-11-04 16:11:22 -07:00 |
|
Teddy Reed
|
530f2933e3
|
[Fix #2704] Various distributed code cleanups (#2719)
|
2016-11-03 23:54:55 -07:00 |
|
Nick Anderson
|
8e77cfe545
|
Fixing windows related warnings for linux builds (#2720)
|
2016-11-03 23:52:51 -07:00 |
|
Teddy Reed
|
05413008fb
|
[Fix #2702] Use libxar for safari_extensions parsing (#2714)
|
2016-11-03 11:04:02 -07:00 |
|
Nick Anderson
|
50305e3ef5
|
filled in additional os_version columns for Windows (#2715)
|
2016-11-03 10:07:28 -07:00 |
|
Teddy Reed
|
e775fe1ea2
|
[Fix #2579] Remove database_in_memory flag (#2716)
|
2016-11-03 09:55:10 -07:00 |
|
Teddy Reed
|
5277e82ec8
|
Require an extension socket with extensions_require (#2713)
|
2016-11-02 23:28:17 -07:00 |
|
Nick Anderson
|
afbde7641a
|
Adding large file write/read test for fileops (#2706)
|
2016-11-02 18:27:03 -07:00 |
|
Teddy Reed
|
06cbafdeb6
|
Update os_version table on OS X (#2709)
|
2016-11-02 17:27:19 -07:00 |
|
Teddy Reed
|
a3acf2a3e5
|
Fix Config TLS plugin default verb (#2708)
|
2016-11-02 17:08:44 -07:00 |
|
Jonathan Lee
|
e3efde68d8
|
Request daemon shutdown when logger_path becomes invalid (#2700)
|
2016-11-02 08:37:31 -07:00 |
|
Teddy Reed
|
909db4f2db
|
Add .features and .summary meta commands (#2695)
|
2016-10-30 16:23:22 -07:00 |
|
Teddy Reed
|
4c8fdf5d17
|
Fix UDEV publisher unit tests LSAN bug (#2693)
|
2016-10-30 11:15:55 -07:00 |
|
Teddy Reed
|
8fc8134d17
|
Allow TableOptions::Additional to influence cost (#2694)
This also allows LIKE for OS X's preferences table.
|
2016-10-29 23:19:54 -07:00 |
|
Mitchell Grenier
|
ed13157fe5
|
Set active distributed plugin within extensions (#2692)
|
2016-10-28 23:28:04 -07:00 |
|
Teddy Reed
|
2efd7dfe8c
|
Fix Linux routes table inconsistencies (#2684)
|
2016-10-26 00:03:51 -04:00 |
|
Teddy Reed
|
b59cfd6949
|
[Fix #2681] Use subscriber setUp result to enable/disable (#2682)
|
2016-10-25 10:23:10 -07:00 |
|
Teddy Reed
|
b04736631a
|
Add --extensions_require feature (#2672)
|
2016-10-24 18:13:44 -07:00 |
|
Teddy Reed
|
b814fd54dc
|
[Fix #2674] Add SQLite prepare lock to shell_exec (#2677)
|
2016-10-24 08:25:38 -07:00 |
|
Teddy Reed
|
df25f27efb
|
Prefer /etc/os-release for Linux os_version (#2667)
|
2016-10-22 16:58:32 -07:00 |
|
Teddy Reed
|
5bb5ae1030
|
Add optional default flagfile /etc/osquery/osquery.flags.default (#2673)
|
2016-10-22 16:56:32 -07:00 |
|
Teddy Reed
|
6fc536a809
|
Add --extension to osqueryi for quick autoloading (#2671)
|
2016-10-22 00:29:29 -07:00 |
|
Teddy Reed
|
93b260025a
|
Allow distributed plugin changes and reduce ifdefs (#2670)
|
2016-10-22 00:27:04 -07:00 |
|
Jonathan Lee
|
f529fc3a30
|
[Fix #2652] Shorten long lines (#2664)
|
2016-10-21 22:08:59 -07:00 |
|
Ryan Holeman
|
d76310da2c
|
Random partition keys assigned per batch in kinesis plugin (#2662)
|
2016-10-21 19:43:31 -07:00 |
|
Nick Anderson
|
87c9a6ae24
|
Adding cppcheck analysis script (#2661)
|
2016-10-21 14:27:10 -07:00 |
|
Teddy Reed
|
b00118a293
|
Fix regression in Requests/TLS APIs related to verb detection (#2660)
|
2016-10-21 12:58:40 -07:00 |
|
Aditya Srivastava
|
ef4f8af3b8
|
Issue #2651 : Changed all NULLs to nullptrs (#2657)
|
2016-10-21 11:20:28 -07:00 |
|
Teddy Reed
|
215933622f
|
[Fix #2658] Increase max interval to 1 week (#2659)
|
2016-10-20 19:35:22 -07:00 |
|
Teddy Reed
|
f0ed918087
|
[Fix #2644] Check constraint requiremens regardless of expression (#2654)
|
2016-10-20 09:47:19 -07:00 |
|
yying
|
e5ba82993a
|
Fixes PlatformFile issue with sharing (#2640)
|
2016-10-19 11:11:10 -07:00 |
|
Nick Anderson
|
81d2794b26
|
platformGetUid returns 0 for Administrator user (#2643)
|
2016-10-19 10:25:32 -07:00 |
|
Teddy Reed
|
ab57130178
|
[Fix #2630] Remove 'definition' TablePlugin action (#2633)
|
2016-10-18 00:15:38 -07:00 |
|
Teddy Reed
|
0003e72c63
|
[Fix #2631] osqueryd: Ignore pidfile parsing errors (#2634)
|
2016-10-18 00:14:48 -07:00 |
|
Zachary Wasserman
|
09d5a5475e
|
Prioritize reading node_invalid over error for host re-enrollment (#2621)
|
2016-10-14 18:54:40 -07:00 |
|
Zachary Wasserman
|
42fb80f40b
|
Fix TLS logger plugin handling of re-enrollment scenarios (#2627)
|
2016-10-14 16:31:51 -07:00 |
|
Teddy Reed
|
02b21d00c3
|
Add dropToUser method to privileges dropper interface (#2624)
|
2016-10-14 15:25:54 -07:00 |
|
Michael McGrew
|
55d29505a3
|
Fix missing column in wmi_event_filters table (#2625)
|
2016-10-14 15:10:37 -07:00 |
|
Nick Anderson
|
208d2324d5
|
Extending chrome browser extension table to Windows (#2619)
|
2016-10-14 10:23:37 -07:00 |
|
Nick Anderson
|
2048d17931
|
Fixed pidfile read error on server 2k12 (#2617)
|
2016-10-13 15:18:42 -07:00 |
|
Michael McGrew
|
21f797c811
|
add table for appcompat shims (#2618)
|
2016-10-13 13:31:05 -07:00 |
|
Mohamed El-Shahawi
|
a3e8bac776
|
Add virtual table: Windows services (#2600)
|
2016-10-12 09:10:05 -07:00 |
|
Nick Anderson
|
616d9f5953
|
Adding support for Windows platform_info table (#2611)
|
2016-10-12 09:01:32 -07:00 |
|
Teddy Reed
|
9a0c5c4556
|
deps: Use linenoise-ng for all platforms (#2613)
|
2016-10-11 22:16:21 -07:00 |
|
Teddy Reed
|
b7c5ee31b2
|
Return hardware UUIDs without potential trailing NULL bytes (#2616)
|
2016-10-11 17:55:48 -07:00 |
|
Mohamed El-Shahawi
|
498a040ee6
|
Add virtual table: Windows Kernel_info (#2610)
|
2016-10-11 17:46:26 -07:00 |
|
Zachary Wasserman
|
e78c1358bb
|
Add LIKE support to hash virtual table (#2615)
|
2016-10-11 10:48:57 -07:00 |
|
Teddy Reed
|
665c4fb9bc
|
[Fix #2599] Read from Linux SMI sysfs node for SMBIOS (#2612)
This also fixes odd behavior in Linux when reading a 'regular' file
from /sys that only returns a max of a page-read in bytes.
|
2016-10-11 09:55:01 -07:00 |
|
Ryan Holeman
|
d1240f05e5
|
Fix for AWS ami role auth with cpp-netlib custom redirect condition (#2596)
|
2016-10-09 12:11:56 -07:00 |
|