SHA256
1
0
forked from pool/velociraptor
Commit Graph

4 Commits

Author SHA256 Message Date
4f3a31cc82 Accepting request 1035327 from home:jeff_mahoney:security:sensor
- Update to version 0.6.4.2~git86.b5931f7:
  * cleanup: go mod tidy
- Fix vendoring of replaced modules.
- Only require libtsan0 on x86_64
- Only attempt to copy vmlinux.h if /sys/kernel/btf/vmlinux doesn't exist
- Fix building of libbpfgo on i586

- Update to version 0.6.4.2~git84.1b38fda:
  * Clean up libbpfgo mess
  * libbpfgo: use forked repo for fully static builds
  * libbpfgo: sync to v0.4.4-libbpf-1.0.1
  * contrib/kafka-humio-gateway: add new debug option for noisy events
  * contrib/kafka-humio-gateway: backoff and retry for metadata
  * vql/server/kafka: connect sarama logging to velociraptor logging
  * vql/server/kafka: add exponential backoff (limited to 30s) for metadata retries
  * vql/server/kafka: set appropriate ClientID
  * libbpfgo: add selftest to build so testcases work
  * cronsnoop: rework testcases to use t.TempDir
  * cronsnoop: move external dependencies to end of import list
  * SSHLogin: require _TRANSPORT != 'kernel' from watch_journal()

- Update to version 0.6.4.2~git67.85b608e:
  * clients/host-info.js: add MAC addresses to client dashboard
  * linux: Add ability to interrogate system and network configuration
  * SUSE: Add docker-compose environment
  * SUSE: add Docker files
  * Add Linux.Sys.Bash to Server.Monitor.Shell artifact
  * api/authenticators: fix handling of missing oauthstate cookie for OAUTH2
  * kafka-humio-gateway: add sample config file
  * Updating the NewFiles and ProcessStatuses Artifacts

OBS-URL: https://build.opensuse.org/request/show/1035327
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=22
2022-11-12 01:51:37 +00:00
6b715abe43 Accepting request 976815 from home:jeff_mahoney:branches:security:sensor
- Update to version 0.6.4~git26.4407b9b7:
  * Add artifact for chattrsnoop plugin
  * bpflib: ensure it's built only on linux and when requesting bpf
  * Add chattrsnoop plugin
  * tcpsnoop: Properly close module in case of attach error
  * Add artifacts for dns/tcp snoop plugins
  * tcpsnoop: Add timestamp to generated events
  * dnssnoop: Add timestamp to generated events

- Update to version 0.6.4~git26.4407b9b7:
  * Add artifact for chattrsnoop plugin
  * bpflib: ensure it's built only on linux and when requesting bpf
  * Add chattrsnoop plugin
  * tcpsnoop: Properly close module in case of attach error
  * Add artifacts for dns/tcp snoop plugins
  * tcpsnoop: Add timestamp to generated events
  * dnssnoop: Add timestamp to generated events

OBS-URL: https://build.opensuse.org/request/show/976815
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=15
2022-05-12 17:50:00 +00:00
2d6a29d947 Accepting request 975255 from home:jeff_mahoney:security:sensor:devel
- Fix error handling in tcpsnoop and dnssnoop.
  * If BTF information is unavailable, there is no indication that the
    query has failed.

- Rebase on 0.6.4:
  * Updated dependencies
  * Bugfix: startup bugs (#1680)
  * bugfix: Server event notebook not correctly created (#1737)
  * Bugfix: Start a dummy indexing service (#1736)
  * Add bugfix which would return no rows if the user removed whitelist (#1735)
  * Fixed bug in read_reg_key (#1734)
  * BUGFIX: Do not include config flag when darwin installer is repacked (#1733)
  * Refactored index into its own service. (#1730)
  * Bugfix: Write one index item per JSONL record. (#1727)
  * Bugfix: Estimating client impact should consider last active status (#1726)
  * Add complete ntfs metadata option to MFT output (#1725)
  * Various bugfixes. (#1724)
  * Update Usn.yaml (#1723)
  * Fixed a bug in hunt download preparation. (#1722)
  * Add Windows.Forensics.Usn filter and presentation updates (#1720)
  * Optimize writing event monitoring records (#1721)
  * Add Generic.Detection.Yara.Zip (#1718)
  * Fixed crash on master-pong response. (#1719)
  * Remove _type option from elastic. (#1715)
  * Opportunistically update directly connected client's ping times (#1713)
  * Fixed a bug in hunt download preparation. (#1722)
  * Add Windows.Forensics.Usn filter and presentation updates (#1720)
  * Optimize writing event monitoring records (#1721)
  * Add Generic.Detection.Yara.Zip (#1718)
  * Fixed crash on master-pong response. (#1719)

OBS-URL: https://build.opensuse.org/request/show/975255
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=14
2022-05-05 18:38:36 +00:00
ae02f616a5 - Update to version 0.6.3~git19.640f7a1c:
* Add tcpsnoop plugin

- Update to version 0.6.3~git19.640f7a1c:
  * Add tcpsnoop plugin

OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=13
2022-03-18 16:16:16 +00:00