The previous change here (#797) was not backward compatible and would be difficult to roll out. This change restores the previously used key and adds 2 new ones for migration. The previous key is marked deprecated and will be removed in the future.
* Add config to allow uploading all events
This config can be enabled locally or by a sync server and causes the
client to upload all events, not just those for binaries that are or
would be blocked.
Fixes #689
* GUI: Add %bundle_or_file_sha% translation key
This mimics the current behavior that %file_sha% previously had and
moves %file_sha% to the expected behavior of just showing the file's
SHA.
Related to #795
This includes:
* All of the code in Source/santa_driver containing the kernel extension
* The SNTDriverManager event provider
* All workflows in our CI related to testing if the driver builds
* Installation of the driver in install.sh. Note that code uninstalling existing instances of the driver is still intentionally kept present.
* Kernel extension-specific build rules
* Renames SNTKernelCommon to SNTCommon
* Driver version output from santactl version
* The [SNTConfigurator EnableSystemExtension] configuration key
* Initial protobuf support, maildir logging
Fix build issues in the integration test
Deduped some test code
Formatting
Address feedback from draft PR
Removed legacy labels. Updated docs.
Add in metrics. Fix protobuf logging test.
* Now use the Any proto for the LogBatch wrapper
* Changes based on PR feedback
* Added gauge metrics for spool dir
* Formatting
* Add event time to proto
* Fix build issue after rebase
* Update BUILD rules
* Updated language around protobuf logging to mark as beta
* Add a USB device blocking popup.
* Refactor SNTNotificationManager and SNTMessageWindowController to make
for generalized notification logic
* Add the configuration keys for custom block messages and resize window
* USB mass storage blocking.
* Add the sync service and config key for enabling mass USB storage blocking
* Update docs with the sync service key
* Add ability to forcibly remount USBs with different flags
* Update EndpointSecurityTestUtil and tests that use it to properly handle multiple ES clients
Add santametricservice and basic metrics to Santad.
This PR adds the santametricservice, and adds basic metrics to santad. It also updates the SNTMetricSet to have and updates packaging scripts to include the santametricservice (aka metric service) in the final bundle.
Co-authored-by: Russell Hancox <russellhancox@users.noreply.github.com>
* Initial commit of a Format that converts SNTMetricSet dictionaries to a format consumable by Monarch tooling.
Co-authored-by: Russell Hancox <russellhancox@users.noreply.github.com>
* Added types for recording and storing performance metrics.
This adds SNTMetricSet and various gauge and counter types to allow for
exporting metrics such as CPU, Memory usage and other properties that are useful
for tracking reliability and debugging.
This is the first commit of a series to add support for monitoring systems.
Co-authored-by: Kent Ma <tnek@google.com>
* Reorder init lists for -Wreorder-init-lists
* Add nullability annotations to the rest of EndpointSecurityTestUtil
* Added fake uses for -Wunused-variable
* Corrected signed/unsigned int conversions in SNTPrefixTree
* Explicitly convert implicit conversions in Santacache
* Set bazelrc to -Werror -Wall
This fixes transitive allowlisting when `EnableSysxCache` is turned on, reduces the deadline timer to fire 5s before the ES deadline, remaps our DEBUG logs to NOTICE so they can be more easily seen in Console and prevents transitive rules being created for paths under /dev/.