- Update to upstream 0.6.4-2:
* Reset nanny when client connection failed. (#1780)
* Fix artifacts that use yara parameters to specify yara type (#1779)
* Update release for bugfixes 0.6.4-2
* Add update to ADSHunter for better output on complete system hunts (#28) (#1765)
* SysmonInstall artifact now skips install if not needed (#1777)
* Initial implementation of client side process tracker. (#1768)
* Invalidate transformed cache when the base table changes. (#1742)
* GUI Table widgets now can apply transformations on the table. (#1740)
* Suppress warning message for offline collector (#1776)
* Bug fix (#1774)
* Avoid bash process lingering around while server is running (#1775)
* oidc: Fix typo: Genric -> Generic (#1773)
* Make MaxWait for event table settable. (#1772)
* Fixed bug in Windows.Detection.Yara.Process (#1771)
* fix: upgrade react-scripts from 5.0.0 to 5.0.1 (#1770)
* Bugfix: Client did not update list of query columns (#1767)
* Merge bugfixes from master branch. (#1769)
- Revendored dependencies.
- Update to version 0.6.4~git31.4298eab0:
* Add artifact for chattrsnoop plugin
* bpflib: ensure it's built only on linux and when requesting bpf
* Add chattrsnoop plugin
* tcpsnoop: Properly close module in case of attach error
* Elastic.Events.Client: Update to use new artifactset type
* Kafka.Events.Client: Update to use new artifactset type
* artifacts: add artifactset parameter type
* api: add type and description fields to v1/GetArtifacts endpoint
* Add artifacts for dns/tcp snoop plugins
OBS-URL: https://build.opensuse.org/request/show/976934
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=17
- Fix error handling in tcpsnoop and dnssnoop.
* If BTF information is unavailable, there is no indication that the
query has failed.
- Rebase on 0.6.4:
* Updated dependencies
* Bugfix: startup bugs (#1680)
* bugfix: Server event notebook not correctly created (#1737)
* Bugfix: Start a dummy indexing service (#1736)
* Add bugfix which would return no rows if the user removed whitelist (#1735)
* Fixed bug in read_reg_key (#1734)
* BUGFIX: Do not include config flag when darwin installer is repacked (#1733)
* Refactored index into its own service. (#1730)
* Bugfix: Write one index item per JSONL record. (#1727)
* Bugfix: Estimating client impact should consider last active status (#1726)
* Add complete ntfs metadata option to MFT output (#1725)
* Various bugfixes. (#1724)
* Update Usn.yaml (#1723)
* Fixed a bug in hunt download preparation. (#1722)
* Add Windows.Forensics.Usn filter and presentation updates (#1720)
* Optimize writing event monitoring records (#1721)
* Add Generic.Detection.Yara.Zip (#1718)
* Fixed crash on master-pong response. (#1719)
* Remove _type option from elastic. (#1715)
* Opportunistically update directly connected client's ping times (#1713)
OBS-URL: https://build.opensuse.org/request/show/975255
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=14
- Resolved some rpmlint warnings and added client config placeholder.
- Update to version 0.6.3~git0.69e0fffa:
* Prepare for 0.6.3 release (#1515)
* add limitations to description and key path to query (#1514)
* Retry remote datastore connections (#1513)
* Write minion log files and autocert in its own dir. (#1512)
* Synced KapeFiles artifacts (#1511)
* Added data retention server artifacts (#1510)
* Set an upper limit for ttl in memcache (#1508)
* Add updates to Windows.System.Services (#15) (#1509)
* Ensure collector container is properly closed when interrupted. (#1507)
* Continually rebuild the index at runtime. (#1506)
* Harder vacuum - directly move client task directories to the attic. (#1505)
* add limitation disclaimer (#1504)
* Reduce critical section to avoid deadlock in repository manager (#1503)
* Implemented a vacuum command to remove old tasks from client queues. (#1501)
* Better format profile metrics output. (#1495)
* Cap size of directories and report large directories. (#1493)
* Set ACE completers per editor to avoid global state. (#1492)
* Add HttpOnly flag to all cookies. (#1491)
* Refactor completion routine calls (#1490)
* fix: upgrade react-bootstrap from 1.3.0 to 1.6.4 (#1486)
* fix: upgrade http-proxy-middleware from 1.0.5 to 1.3.1 (#1485)
* fix: upgrade react-ace from 9.1.3 to 9.5.0 (#1487)
* fix: upgrade recharts from 2.0.9 to 2.1.8 (#1488)
* fix: upgrade react-datetime-picker from 3.0.4 to 3.4.3 (#1489)
* Limit size of cached directories. (#1483)
* Add more instrumentation to memory caches. (#1482)
* Fixed chart resizing bug (#1481)
OBS-URL: https://build.opensuse.org/request/show/950798
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=3