486 Commits

Author SHA1 Message Date
Teddy Reed
f25e151d9e [Fix #895] Prevent subkey stacking in preferences 2015-03-22 18:45:25 -07:00
Teddy Reed
709723efda Merge pull request #880 from theopolis/shell_db
Remove unused shell functions
2015-03-19 21:33:37 -07:00
Teddy Reed
c58599057b [Fix #885] Use list directories for homebrew 2015-03-19 16:31:11 -07:00
Teddy Reed
79ddc5ba38 Remove unused shell functions 2015-03-19 16:14:29 -07:00
Teddy Reed
91dce32095 Speed up shell and add max value size 2015-03-18 15:07:13 -07:00
Teddy Reed
09790478b3 Nit, prefer boolean columns to not use 'is_' 2015-03-17 15:21:37 -07:00
Teddy Reed
3da2e09a5c [Fix #869] Rename safari_plugins is_native 2015-03-17 11:28:37 -07:00
Teddy Reed
4440b2f791 Renamed osx_version to os_version, include Linux versions 2015-03-15 16:07:49 -07:00
Teddy Reed
660c6ec53f Merge pull request #839 from theopolis/addons_vtable
[#787] Add chrome, firefox, and safari related tables
2015-03-13 11:01:25 -07:00
Teddy Reed
e281e6a214 [#787] Add chrome, firefox, and safari related tables 2015-03-13 10:48:14 -07:00
Teddy Reed
33cbdd42ba Merge pull request #834 from theopolis/keychain_items
Add keychain_items to include basic item details
2015-03-10 16:06:17 -07:00
Teddy Reed
6a81cec937 Organize kernel_extensions to add signatures 2015-03-09 11:43:06 -07:00
Teddy Reed
995a16d83f Add keychain_items to include basic item details 2015-03-08 01:59:59 -08:00
Teddy Reed
4916392aa8 Merge pull request #812 from theopolis/keychain
Add more keychain search paths for certificates
2015-03-07 23:27:50 -08:00
Don Husa
f6b5c5a2e3 Cleaned Up Time Table 2015-03-05 16:57:44 -08:00
Teddy Reed
0673900837 Registry modules 2015-03-04 20:33:10 -08:00
Teddy Reed
99beceaef6 Switch lazy=active concept for registry setup 2015-03-04 18:51:41 -08:00
Mitchell Grenier
d5e8fe61d2 Removed the checks 2015-03-04 11:27:11 -08:00
Mitchell Grenier
3d27fff697 Merge pull request #784 from jedi22/directory_monitoring
Adding ability to monitor whole folders
2015-03-02 17:21:24 -08:00
Mitchell Grenier
f50593f030 Less capitals 2015-03-02 17:01:05 -08:00
Mitchell Grenier
fc09924a59 clang format 2015-03-02 16:48:01 -08:00
Teddy Reed
a6bc9d6d97 Merge pull request #804 from theopolis/network_settings
Add sysctl (system_controls) table
2015-03-02 16:01:39 -08:00
Teddy Reed
e123f9f0a2 Add more keychain search paths for certificates 2015-03-01 21:15:42 -08:00
Teddy Reed
be9218ecf1 Add sysctl (system_control) table 2015-03-01 18:51:33 -07:00
Mitchell Grenier
0031c6ed57 Fixed many bugs. inotify and fsevents should be same now 2015-02-27 17:28:51 -08:00
Teddy Reed
74ae25f727 Merge pull request #801 from theopolis/openssl_x509
Rename ca_certs to certificates
2015-02-26 23:59:49 -08:00
Teddy Reed
2237f00c12 Rename ca_certs to certificates 2015-02-26 23:47:05 -08:00
Mitchell Grenier
70c82b5a40 Linux inotify more closely resembles fsevents and is generally more awesome 2015-02-25 16:43:37 -08:00
Mitchell Grenier
6548006d3e Adding ability to monitor whole folders 2015-02-25 16:28:24 -08:00
Teddy Reed
9031bad609 Extensions helpers, API additions
Use --socket for extensions, limit help
Add an 'active' concept to registries, support a blank item call
Add osquery_registry to list the internal/external plugin details
2015-02-25 01:02:05 -07:00
Teddy Reed
c7e4094c53 Merge pull request #795 from theopolis/fix_788
[Fix #788] Lookup ppids on OS X using CTL_KERN
2015-02-24 13:52:40 -08:00
Teddy Reed
a70873c8ea [Fix #788] Lookup ppids on OS X using CTL_KERN 2015-02-24 13:31:30 -08:00
Mike Arpaia
260375cc21 Merge pull request #793 from theopolis/fix_regex
[Fix #792] Replace std::regex with string parsing gcc below 4.9
2015-02-24 13:28:11 -08:00
Teddy Reed
148d7385f6 [Fix #792] Replace std::regex with string parsing gcc below 4.9 2015-02-24 13:19:27 -08:00
Teddy Reed
925deb8e74 [lints] Basic cpp linting 2015-02-24 03:47:12 -08:00
Teddy Reed
ace433e49d Allow external calls from within registry 2015-02-23 21:35:54 -08:00
Teddy Reed
a29addba61 Extensions integrations testing 2015-02-22 22:56:18 -07:00
Teddy Reed
5334b9650a Merge pull request #775 from theopolis/sdk_build
Building example extension with SDK
2015-02-19 14:26:48 -08:00
Mitchell Grenier
182c69d4af Added ability to specify files to watch with wildcards 2015-02-19 12:43:23 -08:00
Teddy Reed
451ef686ed Building example extension with SDK 2015-02-18 20:11:00 -08:00
Teddy Reed
6f155d63c5 Improve flag storage and printing 2015-02-16 16:26:06 -08:00
Teddy Reed
3c36c4196b Merge pull request #731 from jedi22/wildcard_events
Added parsing of extra data along with its addition to the osqueryconfig structure
2015-02-15 19:16:54 -08:00
Teddy Reed
95dd2a808f Merge pull request #762 from theopolis/startup_items
[Fix #758] Parse startup_items Alias data
2015-02-15 16:33:39 -08:00
Teddy Reed
1ea06a9d15 [Fix #758] Parse startup_items Alias data 2015-02-13 17:40:02 -08:00
Teddy Reed
3246b346dc Fix getProcList indexing 2015-02-13 14:38:49 -08:00
Teddy Reed
aa078895d3 CentOS7 clang without fortify
1. _FORTIFY_SOURCE=1 will cause readlink/recv to hang when using
heap-allocated target buffers.
2. Install boost/rocksdb/thrift using source, similar to CentOS6.5
3. Remove boost::regex, prefer extended std::regex without static
link to boost_regex.
2015-02-13 12:47:30 -08:00
Mitchell Grenier
54ef2045e5 Made config a Meyers singleton. Load should now only ever have to happen once 2015-02-13 12:32:54 -08:00
Teddy Reed
340dcd775a Add 'cwd', 'root' to processes 2015-02-12 18:05:10 -08:00
Teddy Reed
b7160aae72 Merge pull request #750 from theopolis/file_directory
Allow file table to use a directory constraint
2015-02-12 15:57:20 -08:00
Teddy Reed
584a326f63 Merge pull request #748 from theopolis/improve_processes
[#721] Add pid constraint checking to darwin procs
2015-02-12 15:57:15 -08:00