groob
groob
drake
01/11/2019, 7:43 PM
groob
groob
groob
packetzero
01/24/2019, 3:48 PM
mark
01/24/2019, 10:31 PM
file table (using extended_schema)? I'm a little new to this community, so I wanted to ask because it struck me that schema modifications might not be something done lightly 🙂
zwass
Undefined symbols for architecture x86_64:
"google::FlagRegisterer::FlagRegisterer(char const*, char const*, char const*, char const*, void*, void*)", referenced from:
__GLOBAL__sub_I_kafka_producer.cpp in libkafka_producer.a(kafka_producer.cpp.o)
__GLOBAL__sub_I_events.cpp in libevents.a(events.cpp.o)
__GLOBAL__sub_I_event_taps.cpp in libevents.a(event_taps.cpp.o)
__GLOBAL__sub_I_openbsm.cpp in libevents.a(openbsm.cpp.o)
__GLOBAL__sub_I_decorators.cpp in libparsers.a(decorators.cpp.o)
__GLOBAL__sub_I_sql.cpp in libsql.a(sql.cpp.o)
__GLOBAL__sub_I_sqlite_util.cpp in libsql.a(sqlite_util.cpp.o)
...
ld: symbol(s) not found for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see invocation)
Parsing buck files: finished in 1.8 sec
Creating action graph: finished in 0.8 sec
Building: finished in 4.4 sec (100%) 208/209 jobs, 1 updated
Total time: 7.2 sec
Command failed with exit code 1.
stderr: Undefined symbols for architecture x86_64:
"google::FlagRegisterer::FlagRegisterer(char const*, char const*, char const*, char const*, void*, void*)", referenced from:
__GLOBAL__sub_I_kafka_producer.cpp in libkafka_producer.a(kafka_producer.cpp.o)
__GLOBAL__sub_I_events.cpp in libevents.a(events.cpp.o)
__GLOBAL__sub_I_event_taps.cpp in libevents.a(event_taps.cpp.o)
__GLOBAL__sub_I_openbsm.cpp in libevents.a(openbsm.cpp.o)
__GLOBAL__sub_I_decorators.cpp in libparsers.a(decorators.cpp.o)
__GLOBAL__sub_I_sql.cpp in libsql.a(sql.cpp.o)
__GLOBAL__sub_I_sqlite_util.cpp in libsql.a(sqlite_util.cpp.o)
...
ld: symbol(s) not found for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see invocation)
When running <c++ link>.
When building rule //osquery:osqueryd#binary.
packetzero
02/08/2019, 8:46 PM
mark
02/08/2019, 10:55 PM
dwProductVersion* fields rather than the dwFileVersion* fields, just wondering if there was any story behind this?
https://github.com/facebook/osquery/blob/992d2d3396aa13ca42cc775fcfae2af5cd008d29/osquery/filesystem/windows/fileops.cpp#L137-L140
https://docs.microsoft.com/en-us/windows/desktop/api/verrsrc/ns-verrsrc-tagvs_fixedfileinfo
seph
groob
zwass
theopolis
zwass
theopolis
zwass
wget https://s3.amazonaws.com/osquery-packages/third-party/pre-built/macos-x86_64/MarkupSafe-1.1.0-cp37-cp37m-macosx_10_6_intel.whl
--2019-07-02 13:25:38-- https://s3.amazonaws.com/osquery-packages/third-party/pre-built/macos-x86_64/MarkupSafe-1.1.0-cp37-cp37m-macosx_10_6_intel.whl
Resolving s3.amazonaws.com (s3.amazonaws.com)... 52.216.165.141
Connecting to s3.amazonaws.com (s3.amazonaws.com)|52.216.165.141|:443... connected.
Unable to establish SSL connection.
Chris Broome
07/03/2019, 3:09 PM
OsqueryLogger struct has separate Status and Result loggers. That’s great! However, in the osquery source code I don’t see a distinction made between the 2 types of logs. My question is this: is it possible to configure osquery to send status logs to a different output than the result logs?
theopolis
seph
theopolis
seph
seph
defensivedepth
08/13/2019, 11:38 PM
seph
theopolis
theopolis
theopolis
theopolis