Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
d
duongtt
02/17/2020, 5:06 AMHi, I'm building osquery extension in platform Windows 10 following this link: https://osquery.readthedocs.io/en/1.8.2/development/windows-provisioning/ and also https://github.com/trailofbits/osquery-extensions/blob/master/README.md
- What I have done is
+ set my project at C driver, so my path to osquery is:
C:\osquery\tmp\osquery.\tools\make-win64-dev-env.batprovision.ps1doxygen.\tools\make-win64-binaries.batexternalCreating library C:/osquery/tmp/osquery/build/windows10/osquery/Release/osqueryd.lib and object C:/osquery/tmp/osquery/build/windows10/osquery/Release/osqueryd.explibeay32.lib(b_sock.obj) : error LNK2001: unresolved external symbol __imp_htonl [C:\osquery\tmp\osquery\build\windows10\osquery\daemon.vcxproj]
osquery.lib(impl_thrift.obj) : error LNK2001: unresolved external symbol __imp_htonl [C:\osquery\tmp\osquery\build\windows10\osquery\daemon.vcxproj]
osquery.lib(rocksdb_database.obj) : error LNK2001: unresolved external symbol __imp_htonl [C:\osquery\tmp\osquery\build\windows10\osquery\daemon.vcxproj]
thriftmt.lib(TBufferTransports.obj) : error LNK2001: unresolved external symbol __imp_htonl [C:\osquery\tmp\osquery\build\windows10\osquery\daemon.vcxproj]
libeay32.lib(bss_conn.obj) : error LNK2001: unresolved external symbol __imp_htonl [C:\osquery\tmp\osquery\build\windows10\osquery\daemon.vcxproj]
osquery.lib(impl_thrift.obj) : error LNK2001: unresolved external symbol __imp_htons [C:\osquery\tmp\osquery\build\windows10\osquery\daemon.vcxproj]
osquery.lib(rocksdb_database.obj) : error LNK2001: unresolved external symbol __imp_htons [C:\osquery\tmp\osquery\build\windows10\osquery\daemon.vcxproj]
libeay32.lib(bss_conn.obj) : error LNK2001: unresolved external symbol __imp_htons [C:\osquery\tmp\osquery\build\windows10\osquery\daemon.vcxproj]
...
C:\osquery\tmp\osquery\build\windows10\osquery\Release\osqueryd.exe : fatal error LNK1120: 110 unresolved externals [C:\osquery\tmp\osquery\build\windows10\osquery\daemon.vcxproj]a
alessandrogario
02/17/2020, 11:04 AMHave you tried using the build guide at https://osquery.readthedocs.io/en/latest/development/building/ ?
Seems like you are building an old version of osquery ? The extensions are being updated to build with osquery 4.x
👍 1
d
duongtt
02/17/2020, 11:09 AMBut my whole project in linux side is using osquery version 3.3.2, and it worked fine, So I'm trying to make thing work in windows
Also, when I tried the lastest version of osquery (the function
ADD_OSQUERY_EXTENSIONSeems like osquery version 3.3.2, the function
ADD_OSQUERY_EXTENSIONWhen I tried to run
cmake -G "Visual Studio 16 2019" -A x64 -T v141 ..Unknown CMake command "ADD_OSQUERY_EXTENSION"p.s:
ADD_OSQUERY_EXTENSION@alessandrogario sorry to bothering you, but I have tried the lastest version of osquery (more specifically, I'm using 4.1.2-57-gda4bfd47)
So I had chosen the extension from https://github.com/trailofbits/osquery-extensions/blob/master/README.md to test how to build with osquery
But it seems like the lastest version cannot build the extension. What could I do to build the trailofbits extension with the lastest version of osquery? Thank you very much !