Hi folks. I wanted to checkin on where we are with...
# cores
seph
02/06/2023, 4:48 PM
Hi folks. I wanted to checkin on where we are with 5.8
• I see the ETW events table was renamed. Was there anything else?
• I think Stefano’s various library PRs all merged
• @alessandrogario Should we merge in https://github.com/osquery/osquery/pull/7773
I think it would also be good to get some small fixes/features in:
• https://github.com/osquery/osquery/pull/7916
• https://github.com/osquery/osquery/pull/7803
• https://github.com/osquery/osquery/pull/7801
a
alessandrogario
02/06/2023, 5:24 PM
I've rebased my PR, so it should be easy to merge now 🙂
s
seph
02/06/2023, 5:26 PM
I can review, and probably give it a quick thumb.
seph
02/06/2023, 5:26 PM
Is 7916 easy for you to review?
z
zwass
02/06/2023, 6:02 PM
Windows ETW should be ready to merge but someone besides me needs to approve it.
s
seph
02/06/2023, 6:39 PM
Approved
b
Brad Girardeau
02/08/2023, 11:48 PM@seph is it easy for you to finish the review/merge of https://github.com/osquery/osquery/pull/7801?
Having the epoch saved correctly for the events tables would fix the client continually logging that the epoch changed for a query (even when it hasn't)
7 Views