valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 18:33:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
992 Commits 2 Branches 109 Tags 25 MiB
fefe6de824
Commit Graph

992 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Teddy Reed
fefe6de824 OSX XProtect siganture DB as virtual table 2014-12-16 21:35:26 -08:00
Teddy Reed
8c38492b2a Add XProtect vtable to OSX 2014-12-16 17:59:07 -08:00
Mike Arpaia
9310299905 Merge pull request #549 from theopolis/fix_546 
Fix 546 and add osquery_flags
 2014-12-16 12:42:22 -08:00
Teddy Reed
30a27798d5 osqueryd should announce to syslog when starting 2014-12-16 12:04:43 -08:00
Teddy Reed
d5c5253bbc Add osquery_flags vtable 2014-12-16 02:07:50 -08:00
Teddy Reed
b5535256e6 [Fix #546] Rename md5 to config_md5 and add config_path to osquery_info 2014-12-16 01:52:02 -08:00
Teddy Reed
b442ef0fd3 Merge pull request #548 from theopolis/support_any_brew_openssl 
Use static openssl libs to support thrift 0.9.x
 2014-12-16 01:23:25 -08:00
Teddy Reed
4425bed23e Merge pull request #504 from Anubisss/master 
Adding a table which maps services from /etc/services.
 2014-12-16 01:23:05 -08:00
Teddy Reed
5bd8d9ac37 Use static openssl libs to support thrift 0.9.x 2014-12-16 01:15:58 -08:00
Teddy Reed
44dc60a740 Merge pull request #543 from theopolis/routes_timeout 
Add timeout to netlink socket read
 2014-12-14 13:43:35 -08:00
anuka
fa95ff09d8 Some fix for etc_services. 
Signed-off-by: anuka <david.vas1@gmail.com>
 2014-12-14 22:14:00 +01:00
anuka
375c837b74 Merge remote-tracking branch 'upstream/master' 2014-12-13 15:27:09 +01:00
Teddy Reed
00c88a19bc Add timeout to netlink socket read 2014-12-12 17:50:47 -08:00
Teddy Reed
353b44c6cc Merge pull request #542 from theopolis/iokit_hid_events 
IOKit HID events and OSX hardware_events table
 2014-12-12 14:08:21 -08:00
Teddy Reed
cd20ed6b77 Prevent IOKitHID value subscriptions 2014-12-11 18:19:05 -08:00
Teddy Reed
acccfa94e2 IOKit HID events and OSX hardware_events table 2014-12-11 18:06:08 -08:00
Teddy Reed
8d1966f7ff Merge pull request #541 from theopolis/usb_parity 
PCI/USB parity
 2014-12-11 10:29:24 -08:00
Teddy Reed
7b56fa605d PCI/USB parity 2014-12-10 19:51:18 -08:00
Teddy Reed
a75fa3bf11 Merge pull request #538 from theopolis/improve_usb 
Improve usb_devices on OSX
 2014-12-10 19:51:08 -08:00
Teddy Reed
fcfac2174f Merge pull request #540 from facebook/osquery_info 
osquery_info table
 2014-12-10 19:50:45 -08:00
mike@arpaia.co
8f8bc6b772 osquery_info table 2014-12-10 18:38:41 -08:00
Teddy Reed
b08ad3cb14 Check USB property for CFString type 2014-12-10 09:12:12 -08:00
Teddy Reed
f29e0c17ca Update ca_certs_tests to use moved OSX conversions 2014-12-10 01:59:13 -08:00
Teddy Reed
4644c5e19b Simple usb_devices updates 2014-12-10 01:52:02 -08:00
Teddy Reed
7ba4fb31dd Merge pull request #536 from theopolis/suid_fix 
Suid fix
 2014-12-10 01:19:48 -08:00
Teddy Reed
b8f3d36754 Merge pull request #535 from theopolis/osqueryd_osquery 
Using osquery as the app ID
 2014-12-10 01:19:30 -08:00
Teddy Reed
0b5083bd0e Improve usb_devices on OSX 2014-12-10 01:17:24 -08:00
Teddy Reed
ab8df11818 Add filesystem_error catching and remove suid_bin from BL 2014-12-09 20:13:39 -08:00
Teddy Reed
76d97f60ac Merge pull request #534 from theopolis/linux_netlink 
[Fix #530] Continue to read from NL socket
 2014-12-09 18:24:42 -08:00
Teddy Reed
5b029c96ec Using osquery as the app ID 2014-12-09 17:37:58 -08:00
Teddy Reed
9a9de67b93 Restrict suid_bin to common search paths 2014-12-09 16:38:14 -08:00
Teddy Reed
192224977d Add small delay if NL read = 0 2014-12-09 16:02:25 -08:00
Teddy Reed
22c9664ae1 [Fix #530] Continue to read from NL socket 2014-12-09 15:49:40 -08:00
Teddy Reed
f4a226f4cf Merge pull request #533 from theopolis/static_build_osx 
Link the brew dependencies statically on OSX
 2014-12-09 14:03:54 -08:00
Teddy Reed
2fae6c0d7c Link the brew dependencies statically on OSX 2014-12-09 13:40:53 -08:00
Teddy Reed
c26c3a6dfa Merge pull request #532 from arirubinstein/master 
Force git to return something if tags aren't found
 2014-12-09 10:12:19 -08:00
Ari Rubinstein
27b6fb021e Force git to return something if tags aren't found 
If there are no tags in the current repository, this command will fail leaving the OSQUERY_BUILD_VERSION blank, and therefore breaking the package building process (and presumably other things too) due to the empty version flag.  By adding the flag --always, this forces git to fallback to a commit id instead of returning nothing.
 2014-12-09 09:52:36 -08:00
Mike Arpaia
ee285fca91 Merge pull request #531 from facebook/pidfile-fix 
Fixing pidfile creation bug
 2014-12-09 02:21:01 -08:00
mike@arpaia.co
0846b6ddd5 Fixing pidfile creation bug 
If osqueryd was killed and another process was started with osqueryd's
old pid before a new osqueryd could start, osqueryd would encounter a
bug where osqueryd would never start.

This executes an osquery query to the processes table to make sure that
the name of the process is "osqueryd". Of course, you could perhaps
denial of service osqueryd this way, but that would require root
filesystem access (assuming that the last version of osqueryd was
ran as root). Thoughts?
 2014-12-08 23:52:38 -08:00
mike@arpaia.co
fda82f21ab TARGETS updates 2014-12-08 18:20:02 -08:00
Teddy Reed
a5fa544568 Merge pull request #529 from theopolis/linux_events_udev 
Linux udev events
 2014-12-08 16:11:43 -08:00
Teddy Reed
96d68ce98a Clean before building CI 2014-12-08 15:22:17 -08:00
Teddy Reed
2ebbbf6f98 Linux udev events 2014-12-08 14:13:47 -08:00
mike@arpaia.co
e260007f04 Change exit(-1) to exit(EXIT_FAILURE) 2014-12-08 10:40:10 -08:00
Teddy Reed
fb5048596c Merge pull request #527 from theopolis/fix_linux_processes_cmdline 
Replace linux cmdline tokens with spaces
 2014-12-07 18:11:07 -08:00
Teddy Reed
f8cc579d36 Fix json results clear 2014-12-07 15:53:37 -07:00
Teddy Reed
b890670be1 Replace linux cmdline tokens with spaces 2014-12-07 00:35:24 -07:00
Teddy Reed
a0866c0972 Merge pull request #524 from theopolis/events_expiry 
Events expiry
 2014-12-06 19:52:16 -08:00
Teddy Reed
b77f469752 Merge pull request #526 from theopolis/json-output 
Add -json output mode for shell
 2014-12-06 19:52:06 -08:00
Teddy Reed
19695d40aa Add expiration to events 2014-12-06 18:28:03 -07:00