OSQUERY_INCLUDES = [ "-Iosquery/", "-Iosquery/include/", "-Iosquery/third-party/sqlite3/", "-Ilanguage_technology/src/jedi/util/" ] OSQUERY_IGNORES = [ "-Wno-unused-function", "-Wno-non-virtual-dtor", "-Wno-address", ] OSQUERY_MACROS = [ "-DFBOSQUERY", "-DOSQUERY_BUILD_VERSION=1.2.0", "-DCENTOS", "-DCENTOS_CENTOS6_6", ] OSQUERY_FLAGS = OSQUERY_INCLUDES + OSQUERY_IGNORES + OSQUERY_MACROS cpp_library( name="core", srcs=[ "osquery/core/init_osquery.cpp", "osquery/core/flags.cpp", "osquery/core/tables.cpp", "osquery/core/virtual_table.cpp", "osquery/core/sql.cpp", "osquery/core/sqlite_util.cpp", "osquery/core/system.cpp", "osquery/core/text.cpp", ], deps=[ "@/osquery:database", "@/osquery:sqlite3", ], external_deps=[ ('util-linux-ng', None, 'uuid'), ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_library( name="config", srcs=[ "osquery/config/config.cpp", "osquery/config/plugins/filesystem.cpp", "osquery/config/plugins/glog.cpp", "osquery/config/plugins/facebook/configerator.cpp", ], deps=[ "@/configerator/distribution/api:api", "@/configerator/structs/osquery:osquery-cpp", ], external_deps=[ "boost", "glog", ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_library( name="database", srcs=[ "osquery/database/db_handle.cpp", "osquery/database/query.cpp", "osquery/database/results.cpp", ], external_deps=[ "boost", "glog", "gtest", "rocksdb", ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_library( name="devtools", srcs=[ "osquery/devtools/printer.cpp", "osquery/devtools/shell.cpp", ], deps=[ "@/osquery:sqlite3", ], external_deps=[ "boost", "glog", "readline", ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_library( name="dispatcher", srcs=[ "osquery/dispatcher/dispatcher.cpp", ], deps=[ "@/thrift/lib/cpp/concurrency", ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_library( name="events", srcs=[ "osquery/events/events.cpp", "osquery/events/linux/inotify.cpp", ], deps=[ "@/osquery:core", "@/osquery:database", ], external_deps=[ "boost", "glog", "gtest", "rocksdb", ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_library( name="filesystem", srcs=[ "osquery/filesystem/filesystem.cpp", "osquery/filesystem/linux/proc.cpp", ], external_deps=[ ("boost", None, "boost_filesystem"), "glog", ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_library( name="logger", srcs=[ "osquery/logger/logger.cpp", "osquery/logger/plugins/filesystem.cpp", "osquery/logger/plugins/facebook/scribe.cpp", ], deps=[ "@/osquery:database", "@/scribe/client:scribe_client", ], external_deps=[ "boost", "glog", ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_library( name="registry", srcs=[ ], external_deps=[ "boost", "glog", ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_library( name="scheduler", srcs=[ "osquery/scheduler/scheduler.cpp", ], deps=[ "@/osquery:core", ], external_deps=[ "glog", ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_library( name="sqlite3", srcs=["third-party/sqlite3/sqlite3.c"], link_whole=True, compiler_flags=[ "-Wno-array-bounds", ], ) cpp_library( name="tables", srcs=[ "osquery/tables/events/linux/passwd_changes.cpp", "osquery/tables/networking/etc_hosts.cpp", "osquery/tables/networking/etc_services.cpp", "osquery/tables/networking/utils.cpp", "osquery/tables/networking/linux/arp_cache.cpp", "osquery/tables/networking/linux/port_inode.cpp", "osquery/tables/networking/linux/routes.cpp", "osquery/tables/networking/linux/socket_inode.cpp", "osquery/tables/system/shell_history.cpp", "osquery/tables/system/cpuid.cpp", "osquery/tables/system/last.cpp", "osquery/tables/system/suid_bin.cpp", #"osquery/tables/system/linux/block_devices.cpp", "osquery/tables/system/linux/groups.cpp", "osquery/tables/system/linux/kernel_modules.cpp", "osquery/tables/system/linux/mounts.cpp", #"osquery/tables/system/linux/pci_devices.cpp", #"osquery/tables/system/linux/processes.cpp", #"osquery/tables/system/linux/rpm_packages.cpp", "osquery/tables/system/linux/users.cpp", "osquery/tables/system/logged_in_users.cpp", "osquery/tables/utility/crontab.cpp", "osquery/tables/utility/time.cpp", "osquery/tables/utility/file.cpp", "osquery/tables/utility/hash.cpp", ], deps=[ "@/osquery:core", "@/osquery:filesystem", ], external_deps=[ "boost", ("boost", None, "boost_filesystem"), "glog", "gtest", "rocksdb", ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_library( name="tables-generated", srcs=util.files("generated/*"), deps=[ "@/osquery:sqlite3", "@/osquery:tables", "@/osquery:registry", ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_library( name="osquery", srcs=[ "osquery/main/lib.cpp", ], deps=[ "@/osquery:config", "@/osquery:core", "@/osquery:database", "@/osquery:devtools", "@/osquery:dispatcher", "@/osquery:events", "@/osquery:filesystem", "@/osquery:logger", "@/osquery:registry", "@/osquery:scheduler", "@/osquery:sqlite3", "@/osquery:tables", "@/osquery:tables-generated", ], link_whole=True, compiler_flags=OSQUERY_FLAGS, ) cpp_binary( name="osqueryi", srcs=[ "osquery/main/shell.cpp", ], deps=[ "@/osquery:osquery", ], compiler_flags=OSQUERY_FLAGS, ) cpp_binary( name="osqueryd", srcs=[ "osquery/main/daemon.cpp", ], deps=[ "@/osquery:osquery", ], compiler_flags=OSQUERY_FLAGS, )