Revisions of velociraptor
Jeff Mahoney (jeff_mahoney)
accepted
request 976934
from
Jeff Mahoney (jeff_mahoney)
(revision 17)
- Update to upstream 0.6.4-2:
  * Reset nanny when client connection failed. (#1780)
  * Fix artifacts that use yara parameters to specify yara type (#1779)
  * Update release for bugfixes 0.6.4-2
  * Add update to ADSHunter for better output on complete system hunts (#28) (#1765)
  * SysmonInstall artifact now skips install if not needed (#1777)
  * Initial implementation of client side process tracker. (#1768)
  * Invalidate transformed cache when the base table changes. (#1742)
  * GUI Table widgets now can apply transformations on the table. (#1740)
  * Suppress warning message for offline collector (#1776)
  * Bug fix (#1774)
  * Avoid bash process lingering around while server is running (#1775)
  * oidc: Fix typo: Genric -> Generic (#1773)
  * Make MaxWait for event table settable. (#1772)
  * Fixed bug in Windows.Detection.Yara.Process (#1771)
  * fix: upgrade react-scripts from 5.0.0 to 5.0.1 (#1770)
  * Bugfix: Client did not update list of query columns (#1767)
  * Merge bugfixes from master branch. (#1769)
- Revendored dependencies.
- Update to version 0.6.4~git31.4298eab0:
  * Add artifact for chattrsnoop plugin
  * bpflib: ensure it's built only on linux and when requesting bpf
  * Add chattrsnoop plugin
  * tcpsnoop: Properly close module in case of attach error
  * Elastic.Events.Client: Update to use new artifactset type
  * Kafka.Events.Client: Update to use new artifactset type
  * artifacts: add artifactset parameter type
  * api: add type and description fields to v1/GetArtifacts endpoint
  * Add artifacts for dns/tcp snoop plugins
Jeff Mahoney (jeff_mahoney)
accepted
request 976928
from
Jeff Mahoney (jeff_mahoney)
(revision 16)
- Update to version 0.6.4~git31.4298eab0:
  * Elastic.Events.Client: Update to use new artifactset type
  * Kafka.Events.Client: Update to use new artifactset type
  * artifacts: add artifactset parameter type
  * api: add type and description fields to v1/GetArtifacts endpoint
Jeff Mahoney (jeff_mahoney)
accepted
request 976815
from
Jeff Mahoney (jeff_mahoney)
(revision 15)
- Update to version 0.6.4~git26.4407b9b7:
  * Add artifact for chattrsnoop plugin
  * bpflib: ensure it's built only on linux and when requesting bpf
  * Add chattrsnoop plugin
  * tcpsnoop: Properly close module in case of attach error
  * Add artifacts for dns/tcp snoop plugins
  * tcpsnoop: Add timestamp to generated events
  * dnssnoop: Add timestamp to generated events
Jeff Mahoney (jeff_mahoney)
accepted
request 975255
from
Jeff Mahoney (jeff_mahoney)
(revision 14)
- Fix error handling in tcpsnoop and dnssnoop.
  * If BTF information is unavailable, there is no indication that the query has failed.
- Rebase on 0.6.4:
  * Updated dependencies
  * Bugfix: startup bugs (#1680)
  * bugfix: Server event notebook not correctly created (#1737)
  * Bugfix: Start a dummy indexing service (#1736)
  * Add bugfix which would return no rows if the user removed whitelist (#1735)
  * Fixed bug in read_reg_key (#1734)
  * BUGFIX: Do not include config flag when darwin installer is repacked (#1733)
  * Refactored index into its own service. (#1730)
  * Bugfix: Write one index item per JSONL record. (#1727)
  * Bugfix: Estimating client impact should consider last active status (#1726)
  * Add complete ntfs metadata option to MFT output (#1725)
  * Various bugfixes. (#1724)
  * Update Usn.yaml (#1723)
  * Fixed a bug in hunt download preparation. (#1722)
  * Add Windows.Forensics.Usn filter and presentation updates (#1720)
  * Optimize writing event monitoring records (#1721)
  * Add Generic.Detection.Yara.Zip (#1718)
  * Fixed crash on master-pong response. (#1719)
  * Remove _type option from elastic. (#1715)
  * Opportunistically update directly connected client's ping times (#1713)
Jeff Mahoney (jeff_mahoney)
committed
(revision 13)
- Update to version 0.6.3~git19.640f7a1c:
  * Add tcpsnoop plugin
Jeff Mahoney (jeff_mahoney)
committed
(revision 12)
fix missing files
Jeff Mahoney (jeff_mahoney)
committed
(revision 11)
- Update to version 0.6.3~git17.741ebb59:
  * kafka-humio-gateway: update README.md
  * kafka-humio-gateway: Fix missing variable rename
  * Add Kafka-Humio Gateway [Depends on PR#10] (#8)
Jeff Mahoney (jeff_mahoney)
committed
(revision 10)
- Update to version 0.6.3~git13.af7fdb00:
  * SUSE: Add SSHLogin artifacts
  * Add a Kafka export plugin
  * SUSE: Do build tests on every pull request
  * Add systemd-dev as build dependency for github workflow
Jeff Mahoney (jeff_mahoney)
accepted
request 955746
from
Jeff Mahoney (jeff_mahoney)
(revision 9)
Update to follow sensor-base-0.6.3 branch.
Jeff Mahoney (jeff_mahoney)
committed
(revision 8)
trigger service run
Jeff Mahoney (jeff_mahoney)
committed
(revision 7)
Jeff Mahoney (jeff_mahoney)
committed
(revision 6)
trigger service run
Jeff Mahoney (jeff_mahoney)
accepted
request 952778
from
Jeff Mahoney (jeff_mahoney)
(revision 5)
- Added client systemd unit files to velociraptor package (LSS#5).
  Since the velociraptor binary in the 'server' package can also function as the client, we'll need the client config as well.
- Temporarily re-enable Windows artifacts (LSS#4).
Jeff Mahoney (jeff_mahoney)
accepted
request 952144
from
Jeff Mahoney (jeff_mahoney)
(revision 4)
- Temporarily re-enable Windows artifacts.
Jeff Mahoney (jeff_mahoney)
accepted
request 950798
from
Jeff Mahoney (jeff_mahoney)
(revision 3)
- Resolved some rpmlint warnings and added client config placeholder.
- Update to version 0.6.3~git0.69e0fffa:
  * Prepare for 0.6.3 release (#1515)
  * add limitations to description and key path to query (#1514)
  * Retry remote datastore connections (#1513)
  * Write minion log files and autocert in its own dir. (#1512)
  * Synced KapeFiles artifacts (#1511)
  * Added data retention server artifacts (#1510)
  * Set an upper limit for ttl in memcache (#1508)
  * Add updates to Windows.System.Services (#15) (#1509)
  * Ensure collector container is properly closed when interrupted. (#1507)
  * Continually rebuild the index at runtime. (#1506)
  * Harder vacuum - directly move client task directories to the attic. (#1505)
  * add limitation disclaimer (#1504)
  * Reduce critical section to avoid deadlock in repository manager (#1503)
  * Implemented a vacuum command to remove old tasks from client queues. (#1501)
  * Better format profile metrics output. (#1495)
  * Cap size of directories and report large directories. (#1493)
  * Set ACE completers per editor to avoid global state. (#1492)
  * Add HttpOnly flag to all cookies. (#1491)
  * Refactor completion routine calls (#1490)
  * fix: upgrade react-bootstrap from 1.3.0 to 1.6.4 (#1486)
  * fix: upgrade http-proxy-middleware from 1.0.5 to 1.3.1 (#1485)
  * fix: upgrade react-ace from 9.1.3 to 9.5.0 (#1487)
  * fix: upgrade recharts from 2.0.9 to 2.1.8 (#1488)
  * fix: upgrade react-datetime-picker from 3.0.4 to 3.4.3 (#1489)
  * Limit size of cached directories. (#1483)
  * Add more instrumentation to memory caches. (#1482)
  * Fixed chart resizing bug (#1481)
Christian Almeida de Oliveira (calmeidadeoliveira)
accepted
request 950594
from
William Brown (firstyear)
(revision 2)
- Add client service file
Jeff Mahoney (jeff_mahoney)
committed
(revision 1)
osc copypac from project:home:jeff_mahoney:security:sensor package:velociraptor revision:2