Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
s
seph
02/06/2023, 4:48 PMHi folks. I wanted to checkin on where we are with 5.8
• I see the ETW events table was renamed. Was there anything else?
• I think Stefano’s various library PRs all merged
• @alessandrogario Should we merge in https://github.com/osquery/osquery/pull/7773
I think it would also be good to get some small fixes/features in:
• https://github.com/osquery/osquery/pull/7916
• https://github.com/osquery/osquery/pull/7803
• https://github.com/osquery/osquery/pull/7801
a
alessandrogario
02/06/2023, 5:24 PMI've rebased my PR, so it should be easy to merge now 🙂
s
seph
02/06/2023, 5:26 PMI can review, and probably give it a quick thumb.
Is 7916 easy for you to review?
z
zwass
02/06/2023, 6:02 PMWindows ETW should be ready to merge but someone besides me needs to approve it.
s
seph
02/06/2023, 6:39 PMApproved
b
Brad Girardeau
02/08/2023, 11:48 PM@seph is it easy for you to finish the review/merge of https://github.com/osquery/osquery/pull/7801?
Having the epoch saved correctly for the events tables would fix the client continually logging that the epoch changed for a query (even when it hasn't)