# general
r
Hi all, I am new to this amazing tool... I would like to see/review the code and maybe imagine an extension... Is there any help/documentation for beginners about how to create a development environment to work easily? I normally use Ubuntu and vscode. Any help will be really appreciated!
a
If you are on a recent Ubuntu version, you can install the following packages to get started:
flex bison elfutils rpm ccache ninja-build
Then download and extract the osquery-toolchain somewhere: https://github.com/osquery/osquery-toolchain/releases/download/1.1.0/osquery-toolchain-1.1.0-x86_64.tar.xz Then configure & build:
cmake -S <src_folder> -B build -DCMAKE_BUILD_TYPE=RelWithDebInfo -G Ninja -DOSQUERY_TOOLCHAIN_SYSROOT=/path/to/osquery-toolchain
cmake --build build
It is best to match the correct version of CMake (https://cmake.org/files/v3.17/cmake-3.17.5-Linux-x86_64.tar.gz) if possible, but that's mostly due to a quirk in how packaging works, so if you are not going to generate & redistribute them, you can use any version >= 3.17 (
snap install --classic cmake
usually has the latest version available)
Running the tests requires some Python dependencies, they are all documented in the build guide linked in the first message
r
thank you very much... Really appreciated @alessandrogario!
a
Let us know if you encounter any issue in the build process
r
sure!!
a
You can also join #officehours if you are interested, it's once every two weeks
Next one is this Tuesday!
r
I would love to. Thank you very much for the invite.
I will be installing this afternoon and I will let you know how it goes...
s
I would additionally suggest installing the CMake extension in vscode and additionally adding
-DADD_HEADERS_AS_SOURCES=ON
to CMake, so that most of the headers that might be trickier to detect by vscode are seen by it. Also remember to put those configuration options in the CMake extension itself so that the extension will configure the same thing you have given from the command line. Finally if you are exploring before building, you might want to at least build the
prepare_for_ide
target. This is a special target that does some build steps to help the IDE find what it needs (because we have to generate some files and wire headers in a certain way).
💯 1
s
Also worth mentioning that extensions do not have to be in C++. Osquery talks to the extensions over a thrift socket, so anything that supports thrift should work. We distributed Python and Golang SDKs. The C++ is a little weird. And I’ve used Ruby, though we don’t ship anything to make that easy
r
Amazing! I followed all your instructions and everything works smoothly. Thank you very much @alessandrogario, @Stefano Bonicatti and @seph.
I will be exploring osquery and I may soon have a lot of questions, and hopefully ideas... 🙂
Hello all, I have tried to build the project again and am getting errors related to gcc/c++ options. Is there any chance that tomorrow after the office hours any of you could help me understand what is happening?
Thank you!
a
We have a section dedicated to this in the office hours schedule! We are happy to help 🙂
r
Thank you very much!! 🙂
a