SHA256
1
0
forked from pool/velociraptor
Commit Graph

24 Commits

Author SHA256 Message Date
241ebf3914 Accepting request 1161552 from home:ateixeira:branches:security:sensor
- Update to version 0.7.0.4.git66.eea7659:
  * dnssnoop: fix loading protocol from ip header on s390
  * dnssnoop: fix htons() so it works on s390 too
  * Fix systemd Services artifact missing events
  * chattrsnoop: replace global variables with locals
  * tcpsnoop: fix garbled results on s390
  * chattrsnoop: fix immutable attribute set on s390
  * chattrsnoop: fix bpf_probe_read for s390
  * tcpsnoop: remove unused filtering code
  * Add artifact to collect new files without owner
  * bpf plugins: set a logger callback
- Add CVE-2024-28849-follow-redirects-drop-proxy-authorization.patch
  (bsc#1221456)

OBS-URL: https://build.opensuse.org/request/show/1161552
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=65
2024-03-25 20:16:39 +00:00
1565eb03b8 Accepting request 1149917 from home:doreilly:branches:security:sensor
- Update to version 0.7.0.4.git47.0f8a4de1:
  * Rename SUSE specific artifacts to have SUSE prefix
  * Add SUSE.Linux.Events.NewZeroSizeLogFile artifact
  * Move NewFiles artifact to SUSE
  * Move ImmutableFile artifact to SUSE
  * Make ImmutableFile artifact consistent with others
  * Fix absolute path case in ExecutableFiles artifact
  * Add client monitoring artifact for RPMs
  * Add artifact to collect new hidden files
  * Add artifact to monitor ssh authorized_keys files
  * Fix split_records error on older clients
  * Add hash fields to Linux.Events.ProcessExecutions
  * Add artifact to collect systemd service events
  * Fix SystemLogins artifacts file extensions
  * Add SUSE.Linux.Events.Timers artifact
  * Fix audit filter key typo in Linux.Events.NewFiles
  * Add server artifact to delete old client data on server
  * Add SUSE.Linux.Sys.At artifact
  * chattrsnoop: include full error details in logs
  * chattrsnoop: handle os.Stat() error properly
  * chattrsnoop: don't log.Fatal() on hash error
  * Fix Linux.Events.ImmutableFile not showing hash in GUI
  * SUSE.Linux.Events.Crontab: Add task execution artifacts
  * Raise client connection log level to ERROR
  * sdjournal: Correctly seek to current tail
- Remove verbose flag from client config
 
- Update to version 0.7.0.4.git6.7b40b8b:
  * go.mod: increase go version to 1.19

OBS-URL: https://build.opensuse.org/request/show/1149917
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=62
2024-02-23 12:55:34 +00:00
ac85413735 Accepting request 1133905 from home:jeff_mahoney:branches:security:sensor
- Temporarily use the NODE_MODULES BEGIN/END form of the node_modules
  service due to a bug in debbuild preventing Debian builds from succeeding.
- Update to version 0.7.0.4.git4.c1b68a5b:
  * hash: fix nil pointer dereference panic
  * velociraptor: add dummy main function for mage
- Removed patch:
  * velociraptor-golang-mage-vendoring.diff
- Switched to using go_modules and node_modules source services
  - Eliminated bespoke vendoring scripts.
- Pulled sysuser definition into the velociraptor package.

- Remove PrivateTmp and PrivateDevices settings in velociraptor-client.service (SENS-70)

- Update to version 0.7.0.4.git0.e09a0df8:
  * Add additional sanitization to HTML templates on JS side. (#2) (#3077) (CVE-2023-5950)
  * vql/linux/sdjournal: Fix open/close lifetimes
  * vql/linux/audit: fix shutdown races
  * vql/linux/audit: fix goroutine lifetimes
  * vql/linux/audit: limit messageQueue to within runService
  * vql/linux/audit: add auditService.Log()
  * vql/linux/audit: pull parts of shutdown into shutdown watcher
  * vql/linux/audit: remove unnecessary error handling for reassembler
  * vql/linux/audit: remove unused waitgroup from main event loop
  * vql/linux/audit: handle top-level cancelation properly
  * vql/linux/audit: make explicit that goroutines in the main errgroup don't return errors
  * vql/linux/audit: make stats reporting separate from debug prints
  * vql/linux/audit: simplify polling in listener
  * vql/linux/audit: tests, check various rule scenarios
  * vql/linux/audit: Add more client failure test cases
  * vql/linux/audit: Fix audit client lifecycle

OBS-URL: https://build.opensuse.org/request/show/1133905
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=55
2023-12-18 18:44:23 +00:00
154074cae5 - Update to version 0.6.7.5~git81.01be570:
* libbpfgo: pull fix for double-free
  * logscale: add documentation for plugin

OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=51
2023-05-10 00:51:00 +00:00
3a5ec10ba3 Accepting request 1085591 from home:jeff_mahoney:branches:security:sensor:updates
- Update to version 0.6.7.5~git78.2bef6fc:
  * bpf: fix path to vmlinux.h

- Update to version 0.6.7.5~git77.997aa73:
  * file_store/test_utils/server_config.go: update test certificate
  * Update bluemonday dependency.
  * vql/functions/hash: cache results on Linux
  * libbpfgo: update to velociraptor-branch-v0.4.8-libbpf-1.2.0
  * logscale/backport: don't use networking.GetHttpTransport
  * vql/tools/logscale: add plugin to post events to LogScale ingestion endpoint
  * file_store/directory: add ability to report pending size
- Change clang dependency to clang16
- Fix velociraptor-golang-mage-vendoring.diff to account for newer
  'go mod vendor' honoring build flags.
- Fix update-vendoring.sh script to actually run the %setup part of
  the spec.
- Merge client package into server spec and use _multibuild to create
  client package from same spec file.
- Adjust changelog to retain changes for client package.
- Fix building in static mode on earlier releases.
  - Added patch: velociraptor-libbpfgo-only-build-libbpf.patch

- Tightening the security of the services a bit:
  - tmp files are now moved to /var/lib/velociraptor{,-client}/tmp
    from /tmp
  - run velociraptor server as user velociraptor instead of root
    we do not really need root permissions here
  - introduce /var/lib/velociraptor/filestore to make it easier to
    split out large file upload
  - change permissions for the data directory and subdirectories to

OBS-URL: https://build.opensuse.org/request/show/1085591
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=46
2023-05-09 00:49:51 +00:00
8fbd6d6882 Accepting request 1062529 from home:jeff_mahoney:branches:security:sensor
- Update to version 0.6.7.4~git63.4a1ed09d:
  * utils/time.js: fix handling of nanosecond-resolution timestamps

- Update to version 0.6.7.4~git63.4a1ed09d:
  * utils/time.js: fix handling of nanosecond-resolution timestamps

OBS-URL: https://build.opensuse.org/request/show/1062529
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=42
2023-02-01 18:28:25 +00:00
d5a3e31f79 Accepting request 1060929 from home:jeff_mahoney:branches:security:sensor
- Use obsinfo mtime to produce stable build timestamp (bsc#1207369).

- Update to version 0.6.7.4~git60.8abed37a:
  * http_comms: create ring buffer temporary file in the same directory
  * cronsnoop: plumb in real scope logging
  * cronsnoop: don't treat routine errors as fatal
  * cronsnoop: fix typo

- Use obsinfo mtime to produce stable build timestamp (bsc#1207369).

- Update to version 0.6.7.4~git60.8abed37a:
  * http_comms: create ring buffer temporary file in the same directory
  * cronsnoop: plumb in real scope logging
  * cronsnoop: don't treat routine errors as fatal
  * cronsnoop: fix typo

OBS-URL: https://build.opensuse.org/request/show/1060929
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=41
2023-01-25 13:29:03 +00:00
b77f05d020 - Update to version 0.6.7.4~git53.0e85855:
* sdjournal: work around missing _SYSTEMD_UNIT fields

- Update to version 0.6.7.4~git53.0e85855:
  * sdjournal: work around missing _SYSTEMD_UNIT fields

OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=31
2023-01-19 05:02:41 +00:00
3f054c52ce Accepting request 1059461 from home:jeff_mahoney:branches:security:sensor
- Clean up for Factory submission:
  - Make bpf-enabled builds conditional
  - Removed %defattr and combined service lines.
  - Change clang and llvm dependencies to use >= 13
  - Newer versions of clang hit a DWARF parsing bug in go < 1.19,
    so increase go version dependecy
  - Define ExclusiveArch for x86_64, ppc64le, aarch64, and s390x
    Neither the client or server builds on ix86.
- Added Restart=on-failure to restart the client automatically.

- Update to version 0.6.7.4~git51.a588d6e4:
  * magefile.go: use current architecture for Linux builds
  * Update libbpfgo submodule to include non-AMD64 build fixes
  * bpf: bpf expects s390 instead of s390x

- Clean up for Factory submission:
  - Make bpf-enabled builds conditional
  - Removed %defattr and combined service lines.
  - Change clang and llvm dependencies to use >= 13
  - Newer versions of clang hit a DWARF parsing bug in go < 1.19,
    so increase go version dependecy
  - Define ExclusiveArch for x86_64, ppc64le, aarch64, and s390x
    Neither the client or server builds on ix86.
- Update to version 0.6.7.4~git51.a588d6e4:
  * magefile.go: use current architecture for Linux builds
  * Update libbpfgo submodule to include non-AMD64 build fixes
  * bpf: bpf expects s390 instead of s390x

OBS-URL: https://build.opensuse.org/request/show/1059461
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=30
2023-01-19 01:05:43 +00:00
01f83bd1f6 - Update to version 0.6.7.4~git46.5d88d80:
* contrib/kafka-humio-gateway: add new debug option for noisy events
  * contrib/kafka-humio-gateway: backoff and retry for metadata
  * vql/server/kafka: connect sarama logging to velociraptor logging
  * vql/server/kafka: add exponential backoff (limited to 30s) for metadata retries
  * vql/server/kafka: set appropriate ClientID

- Update to version 0.6.7.4~git46.5d88d80:
  * contrib/kafka-humio-gateway: add new debug option for noisy events
  * contrib/kafka-humio-gateway: backoff and retry for metadata
  * vql/server/kafka: connect sarama logging to velociraptor logging
  * vql/server/kafka: add exponential backoff (limited to 30s) for metadata retries
  * vql/server/kafka: set appropriate ClientID

OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=26
2022-12-07 04:22:37 +00:00
62de5286f7 Accepting request 1040837 from home:jeff_mahoney:branches:security:sensor
- Update to version 0.6.7.4~git41.678ed56:
  * rpm: introduce rpm vql plugin
  * users: extend DeleteUser testcase to ensure org membership was dropped
  * users: ensure baseline user state is correct
  * github: run testcases on Linux builds in new workflow
  * gui/reporting: update bluemonday dependency to latest
  * SSHLogin: require _TRANSPORT != 'kernel' from watch_journal()
  * SUSE: Add docker-compose environment
  * SUSE: add Docker files
  * clients/host-info.js: add MAC addresses to client dashboard
  * linux: Add ability to interrogate system and network configuration
  * Add Linux.Sys.Bash to Server.Monitor.Shell artifact
  * kafka-humio-gateway: add sample config file
  * Updating the NewFiles and ProcessStatuses Artifacts
  * cronsnoop: rework testcases to use t.TempDir
  * vql/linux/cronsnoop: Add cronsnoop() plugin
  * Extend audit artifacts to use new interface
  * audit: rearchitect plugin to scale better with multiple invocations
  * audit: use caller-allocated buffer
  * use github.com/jeffmahoney/go-libaudit/v2 for audit
  * Kafka.Events.Client: Update to use new artifactset type
  * Add artifact for chattrsnoop plugin
  * bpflib: ensure it's built only on linux and when requesting bpf
  * Add chattrsnoop plugin
  * Add artifact to monitor user group updates (#24)
  * vql/linux/dnssnoop: Add dnssnoop() plugin
  * Log Sudo/root command by auditd
  * Add custom artifacts for login and logout attempts recorded by auditd
  * Add tcpsnoop plugin
  * vql/linux/bpflib: add helper package for bpf plugins

OBS-URL: https://build.opensuse.org/request/show/1040837
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=25
2022-12-07 03:37:22 +00:00
4f3a31cc82 Accepting request 1035327 from home:jeff_mahoney:security:sensor
- Update to version 0.6.4.2~git86.b5931f7:
  * cleanup: go mod tidy
- Fix vendoring of replaced modules.
- Only require libtsan0 on x86_64
- Only attempt to copy vmlinux.h if /sys/kernel/btf/vmlinux doesn't exist
- Fix building of libbpfgo on i586

- Update to version 0.6.4.2~git84.1b38fda:
  * Clean up libbpfgo mess
  * libbpfgo: use forked repo for fully static builds
  * libbpfgo: sync to v0.4.4-libbpf-1.0.1
  * contrib/kafka-humio-gateway: add new debug option for noisy events
  * contrib/kafka-humio-gateway: backoff and retry for metadata
  * vql/server/kafka: connect sarama logging to velociraptor logging
  * vql/server/kafka: add exponential backoff (limited to 30s) for metadata retries
  * vql/server/kafka: set appropriate ClientID
  * libbpfgo: add selftest to build so testcases work
  * cronsnoop: rework testcases to use t.TempDir
  * cronsnoop: move external dependencies to end of import list
  * SSHLogin: require _TRANSPORT != 'kernel' from watch_journal()

- Update to version 0.6.4.2~git67.85b608e:
  * clients/host-info.js: add MAC addresses to client dashboard
  * linux: Add ability to interrogate system and network configuration
  * SUSE: Add docker-compose environment
  * SUSE: add Docker files
  * Add Linux.Sys.Bash to Server.Monitor.Shell artifact
  * api/authenticators: fix handling of missing oauthstate cookie for OAUTH2
  * kafka-humio-gateway: add sample config file
  * Updating the NewFiles and ProcessStatuses Artifacts

OBS-URL: https://build.opensuse.org/request/show/1035327
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=22
2022-11-12 01:51:37 +00:00
2c83e467e2 - Update to version 0.6.4.2~git70.b7df8172:
* file_store: handle watching artifacts with named sources

- Update to version 0.6.4.2~git70.b7df8172:
  * file_store: handle watching artifacts with named sources

OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=21
2022-11-10 15:49:07 +00:00
08bbeb37f8 - Update to version 0.6.4.2~git68.5226b23b:
* api/authenticators/basic: fix logoff endpoint
  * clients/host-info.js: add MAC addresses to client dashboard
  * linux: Add ability to interrogate system and network configuration
  * SUSE: Add docker-compose environment
  * SUSE: add Docker files
  * Add Linux.Sys.Bash to Server.Monitor.Shell artifact

- Update to version 0.6.4.2~git68.5226b23b:
  * api/authenticators/basic: fix logoff endpoint
  * clients/host-info.js: add MAC addresses to client dashboard
  * linux: Add ability to interrogate system and network configuration
  * SUSE: Add docker-compose environment
  * SUSE: add Docker files
  * Add Linux.Sys.Bash to Server.Monitor.Shell artifact

OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=20
2022-09-29 14:24:37 +00:00
5ae9450724 Accepting request 998240 from home:jeff_mahoney:branches:security:sensor
- Update to version 0.6.4.2~git59.5ebb49db:
  * api/authenticators: fix handling of missing oauthstate cookie for OAUTH2

- Update to version 0.6.4.2~git57.fcb11adf:
  * kafka-humio-gateway: add sample config file

- Updated BuildRequires to use go 1.17 after updating vendoring

- Add vmlinux.h from 5.18.9-2-default to provide type information (x86_64 only)

- Update to version 0.6.4.2~git56.47b4adb4:
  * Updating the NewFiles and ProcessStatuses Artifacts
  * cronsnoop: Add plugin which is able to snoop removal/addition of cron… (#37)
  * third_party/go-libaudit: don't directly use unix.*
  * Add Linux.Remediation.Quarantine artifact
  * Extend audit artifacts to use new interface
  * audit: rearchitect plugin to scale better with multiple invocations
  * third_party/go-libaudit: move handling of receive buffer to caller
  * third_party/go-libaudit: move buffer handling from netlink to audit
  * third_party/go-libaudit: allow audit fd to be pollable
  * third_party/go-libaudit: Add support for removing individual rules
  * third_party/go-libaudit: rule.Rule.Build: Don't assume that no syscalls means all syscalls
  * third_party/go-libaudit: Report missing rules during deletion
  * import go-libaudit as a third-party module
  * quarantine: actually call the OS-specific artifact
  * artifactset: add ability to select named sources
  * GUI: Artifact selector (#1790)
  * host-info: make quarantine UI more robust with non-Windows client hosts
  * shell-viewer: default to Bash on non-Windows clients

OBS-URL: https://build.opensuse.org/request/show/998240
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=18
2022-08-19 18:30:12 +00:00
9b25021947 Accepting request 976934 from home:jeff_mahoney:branches:security:sensor
- Update to upstream 0.6.4-2:
  * Reset nanny when client connection failed. (#1780)
  * Fix artifacts that use yara parameters to specify yara type (#1779)
  * Update release for bugfixes 0.6.4-2
  * Add update to ADSHunter for better output on complete system hunts (#28) (#1765)
  * SysmonInstall artifact now skips install if not needed (#1777)
  * Initial implementation of client side process tracker. (#1768)
  * Invalidate transformed cache when the base table changes. (#1742)
  * GUI Table widgets now can apply transformations on the table. (#1740)
  * Suppress warning message for offline collector (#1776)
  * Bug fix (#1774)
  * Avoid bash process lingering around while server is running (#1775)
  * oidc: Fix typo: Genric -> Generic (#1773)
  * Make MaxWait for event table settable. (#1772)
  * Fixed bug in Windows.Detection.Yara.Process (#1771)
  * fix: upgrade react-scripts from 5.0.0 to 5.0.1 (#1770)
  * Bugfix: Client did not update list of query columns (#1767)
  * Merge bugfixes from master branch. (#1769)
- Revendored dependencies.

- Update to version 0.6.4~git31.4298eab0:
  * Add artifact for chattrsnoop plugin
  * bpflib: ensure it's built only on linux and when requesting bpf
  * Add chattrsnoop plugin
  * tcpsnoop: Properly close module in case of attach error
  * Elastic.Events.Client: Update to use new artifactset type
  * Kafka.Events.Client: Update to use new artifactset type
  * artifacts: add artifactset parameter type
  * api: add type and description fields to v1/GetArtifacts endpoint
  * Add artifacts for dns/tcp snoop plugins

OBS-URL: https://build.opensuse.org/request/show/976934
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=17
2022-05-12 20:23:00 +00:00
3918cd153e Accepting request 976928 from home:jeff_mahoney:branches:security:sensor
- Update to version 0.6.4~git31.4298eab0:
  * Elastic.Events.Client: Update to use new artifactset type
  * Kafka.Events.Client: Update to use new artifactset type
  * artifacts: add artifactset parameter type
  * api: add type and description fields to v1/GetArtifacts endpoint

- Update to version 0.6.4~git31.4298eab0:
  * Elastic.Events.Client: Update to use new artifactset type
  * Kafka.Events.Client: Update to use new artifactset type
  * artifacts: add artifactset parameter type
  * api: add type and description fields to v1/GetArtifacts endpoint

OBS-URL: https://build.opensuse.org/request/show/976928
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=16
2022-05-12 18:34:03 +00:00
6b715abe43 Accepting request 976815 from home:jeff_mahoney:branches:security:sensor
- Update to version 0.6.4~git26.4407b9b7:
  * Add artifact for chattrsnoop plugin
  * bpflib: ensure it's built only on linux and when requesting bpf
  * Add chattrsnoop plugin
  * tcpsnoop: Properly close module in case of attach error
  * Add artifacts for dns/tcp snoop plugins
  * tcpsnoop: Add timestamp to generated events
  * dnssnoop: Add timestamp to generated events

- Update to version 0.6.4~git26.4407b9b7:
  * Add artifact for chattrsnoop plugin
  * bpflib: ensure it's built only on linux and when requesting bpf
  * Add chattrsnoop plugin
  * tcpsnoop: Properly close module in case of attach error
  * Add artifacts for dns/tcp snoop plugins
  * tcpsnoop: Add timestamp to generated events
  * dnssnoop: Add timestamp to generated events

OBS-URL: https://build.opensuse.org/request/show/976815
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=15
2022-05-12 17:50:00 +00:00
2d6a29d947 Accepting request 975255 from home:jeff_mahoney:security:sensor:devel
- Fix error handling in tcpsnoop and dnssnoop.
  * If BTF information is unavailable, there is no indication that the
    query has failed.

- Rebase on 0.6.4:
  * Updated dependencies
  * Bugfix: startup bugs (#1680)
  * bugfix: Server event notebook not correctly created (#1737)
  * Bugfix: Start a dummy indexing service (#1736)
  * Add bugfix which would return no rows if the user removed whitelist (#1735)
  * Fixed bug in read_reg_key (#1734)
  * BUGFIX: Do not include config flag when darwin installer is repacked (#1733)
  * Refactored index into its own service. (#1730)
  * Bugfix: Write one index item per JSONL record. (#1727)
  * Bugfix: Estimating client impact should consider last active status (#1726)
  * Add complete ntfs metadata option to MFT output (#1725)
  * Various bugfixes. (#1724)
  * Update Usn.yaml (#1723)
  * Fixed a bug in hunt download preparation. (#1722)
  * Add Windows.Forensics.Usn filter and presentation updates (#1720)
  * Optimize writing event monitoring records (#1721)
  * Add Generic.Detection.Yara.Zip (#1718)
  * Fixed crash on master-pong response. (#1719)
  * Remove _type option from elastic. (#1715)
  * Opportunistically update directly connected client's ping times (#1713)
  * Fixed a bug in hunt download preparation. (#1722)
  * Add Windows.Forensics.Usn filter and presentation updates (#1720)
  * Optimize writing event monitoring records (#1721)
  * Add Generic.Detection.Yara.Zip (#1718)
  * Fixed crash on master-pong response. (#1719)

OBS-URL: https://build.opensuse.org/request/show/975255
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=14
2022-05-05 18:38:36 +00:00
ae02f616a5 - Update to version 0.6.3~git19.640f7a1c:
* Add tcpsnoop plugin

- Update to version 0.6.3~git19.640f7a1c:
  * Add tcpsnoop plugin

OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=13
2022-03-18 16:16:16 +00:00
ce24aee9be - Update to version 0.6.3~git17.741ebb59:
* kafka-humio-gateway: update README.md
  * kafka-humio-gateway: Fix missing variable rename
  * Add Kafka-Humio Gateway [Depends on PR#10] (#8)

- Update to version 0.6.3~git17.741ebb59:
  * kafka-humio-gateway: update README.md
  * kafka-humio-gateway: Fix missing variable rename
  * Add Kafka-Humio Gateway [Depends on PR#10] (#8)

OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=11
2022-03-15 14:14:34 +00:00
abc6b0bb16 - Update to version 0.6.3~git13.af7fdb00:
* SUSE: Add SSHLogin artifacts
  * Add a Kafka export plugin
  * SUSE: Do build tests on every pull request
  * Add systemd-dev as build dependency for github workflow

- Update to version 0.6.3~git13.af7fdb00:
  * SUSE: Add SSHLogin artifacts
  * Add a Kafka export plugin
  * SUSE: Do build tests on every pull request
  * Add systemd-dev as build dependency for github workflow

OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=10
2022-03-15 02:18:53 +00:00
52390d084f Accepting request 955746 from home:jeff_mahoney:branches:security:sensor
Update to follow sensor-base-0.6.3 branch.

OBS-URL: https://build.opensuse.org/request/show/955746
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=9
2022-02-18 01:36:48 +00:00
0365dcf377 Accepting request 950798 from home:jeff_mahoney:branches:security:sensor
- Resolved some rpmlint warnings and added client config placeholder.

- Update to version 0.6.3~git0.69e0fffa:
  * Prepare for 0.6.3 release (#1515)
  * add limitations to description and key path to query (#1514)
  * Retry remote datastore connections (#1513)
  * Write minion log files and autocert in its own dir.  (#1512)
  * Synced KapeFiles artifacts (#1511)
  * Added data retention server artifacts (#1510)
  * Set an upper limit for ttl in memcache (#1508)
  * Add updates to Windows.System.Services (#15) (#1509)
  * Ensure collector container is properly closed when interrupted. (#1507)
  * Continually rebuild the index at runtime. (#1506)
  * Harder vacuum - directly move client task directories to the attic. (#1505)
  * add limitation disclaimer (#1504)
  * Reduce critial section to avoid deadlock in repository manager (#1503)
  * Implemented a vacuum command to remove old tasks from client queues. (#1501)
  * Better format profile metrics output. (#1495)
  * Cap size of directories and report large directories. (#1493)
  * Set ACE completers per editor to avoid global state. (#1492)
  * Add HttpOnly flag to all cookies. (#1491)
  * Refactor completion routine calls (#1490)
  * fix: upgrade react-bootstrap from 1.3.0 to 1.6.4 (#1486)
  * fix: upgrade http-proxy-middleware from 1.0.5 to 1.3.1 (#1485)
  * fix: upgrade react-ace from 9.1.3 to 9.5.0 (#1487)
  * fix: upgrade recharts from 2.0.9 to 2.1.8 (#1488)
  * fix: upgrade react-datetime-picker from 3.0.4 to 3.4.3 (#1489)
  * Limit size of cached directories. (#1483)
  * Add more instrumentation to memory caches. (#1482)
  * Fixed chart resizing bug (#1481)

OBS-URL: https://build.opensuse.org/request/show/950798
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=3
2022-02-02 18:59:59 +00:00