osquery-1/osquery/tables/utils
Wesley Shields 67bf099207 YARA tests, SQL matching, sigfile loading
1. Minor refactoring.

- Generate one row per sigfile or sig_group.
- While here, when a signature file fails to compile, VLOG() it.

2. Bring in a couple of YARA tests.
Write a couple of tests for YARA functionality. Right now the only tests
make sure rules are compiled properly and that rules match where they
should and don't match where they shouldn't.

3. Allow sigfiles to be relative to /var/osquery.
- Also, only create a row if scanning happened.

4. Add pattern support to yara table.
- Also, optimize things so that rules are only compiled once.
2015-04-26 03:03:48 -07:00
tests YARA tests, SQL matching, sigfile loading 2015-04-26 03:03:48 -07:00
yara_utils.cpp Move yara out of core/SDK into additional 2015-04-26 03:01:28 -07:00
yara_utils.h Move yara out of core/SDK into additional 2015-04-26 03:01:28 -07:00
yara.cpp YARA tests, SQL matching, sigfile loading 2015-04-26 03:03:48 -07:00