9979fc00f5
add a parameter "table_name" for maat_state_get_hit_paths
refactor-separate-scan-and-stat-compile
liuchang
2024-11-28 08:53:31 +00:00
e8b826b754
rule sort support priority
liuchang
2024-11-28 02:29:33 +00:00
2ef61c51f9
1.maat_state_compile add para "exdata_array" 2.maat_plugin_table_ex_schema_register support rule table
liuchang
2024-11-27 08:18:17 +00:00
a18157cd41
rename attribute to field
liuchang
2024-11-26 06:55:29 +00:00
1c36e1cb21
add api maat_state_sort_rules to sort rule_uuid by order: 1.priority 2.condition_num 3.uuid
v5.0.4
rename-attribute_name-to-field-v24.12
liuchang
2024-11-26 06:33:14 +00:00
57149b3060
rename attribute_name to field_name
liuchang
2024-11-25 03:39:51 +00:00
6990542158
add api maat_state_need_compile
liuchang
2024-11-25 01:53:48 +00:00
e50b1079f7
complete new api and test case
liuchang
2024-11-22 07:53:29 +00:00
89c8cad6c9
add incomplete code
liuchang
2024-11-19 09:57:24 +00:00
c7c0f5db30
add test cases for TSG-23138
liuchang
2024-11-15 08:39:11 +00:00
216ac5f77b
add definition of api
liuchang
2024-11-15 08:37:00 +00:00
df24326470
patch performance optimization from maat4 change some utarray to thread local variable, to reduce the frequency of calloc and free
develop-version5
root
2024-11-14 03:13:06 +00:00
8f44d0677c
add the definition of new API
root
2024-11-13 09:34:57 +00:00
2dfcf103c0
🐎 ci(add aarch64 jobs): aarch64 + el9
v5.0.3
yangwei
2024-11-11 17:41:49 +08:00
1dfc7d36e1
🔧 build(rulescan cxx flags): ignore narrowing for el9
yangwei
2024-11-11 17:39:12 +08:00
634a3a884c
🔧 build(fix el9 compile warning): upgrade hyperscan & rulescan
yangwei
2024-11-11 17:27:40 +08:00
086db650c5
merge the duplicated code between HS and RS in test case, using TEST_P of gtest
root
2024-11-05 03:30:04 +00:00
bc52994922
fix coredump when rule is invalid
v5.0.2
root
2024-10-29 07:51:04 +00:00
9d72c83e9f
store history pattern ids at expr_matcher after hs/rs stream scan, instead of storing them during hs/rs scan
root
2024-10-28 10:44:22 +00:00
abd00a9aab
add some detail info for log
root
2024-10-28 09:25:46 +00:00
816dabaf9e
change library version according to tag version
v5.0.1
root
2024-10-25 07:58:28 +00:00
12241e6580
fix memory leak in test case
v5.0.0
root
2024-10-25 06:27:34 +00:00
b663077045
remove useless test case
root
2024-10-25 03:31:55 +00:00
da715f21ef
rename o2o and object2object to object_group
root
2024-10-24 07:56:49 +00:00
1cd21a43c9
fix MaatCmd testcase
root
2024-10-24 07:12:57 +00:00
4fddb2b0e9
fix mem leak for ipport_plugin
root
2024-10-18 08:32:15 +00:00
041c32ccaa
ipport plugin table support CIDR
root
2024-10-17 06:37:29 +00:00
cc67447c4e
fix foreign key rewrite fail
root
2024-10-16 01:48:31 +00:00
78f733417c
fix memory leak
root
2024-10-14 02:25:36 +00:00
586f1c11b2
1.support and_conditions and or_conditions in rule 2.all test case success except MaatCmd.* in maat_framework_gtest
root
2024-10-12 07:28:26 +00:00
02a2acf051
fix some test case
root
2024-10-11 06:37:06 +00:00
e180ce18e0
fix test case using rule from json file
root
2024-10-10 06:28:40 +00:00
35667246d3
use attribute_name instead of attribute_id to map condition_id
root
2024-10-08 11:10:03 +00:00
3bbbd53f39
fix maat_redis_tool, fix some mem leaks, use (uuid_t *) type as para of function to avoid some problems
root
2024-09-27 11:38:41 +00:00
3315428974
add temp code
root
2024-09-26 11:14:06 +00:00
be3b474f69
commit temp table_info
root
2024-09-25 07:48:05 +00:00
69d4938005
modify maat.h
root
2024-09-23 09:24:21 +00:00
f6900204f5
modify maat.h api
root
2024-09-23 08:52:47 +00:00
fc99675b40
change type of rule_id, object_id, item_id from (long long) to (uuid_t) just compile libmaatframe.so, without modifying about test case
root
2024-09-20 11:20:21 +00:00
db8a811a75
OMPUB-1426: ipport_plugin table support CIDR format, while table_info not changed
v4.1.43
dev-24.02
root
2024-09-19 03:39:12 +00:00
e0c20d27ed
OMPUB-1426: ipport_plugin table support ip range
root
2024-09-18 11:06:41 +00:00
20de47c873
run first test case success
root
2024-09-14 11:29:12 +00:00
feb1576545
add basic code without test case, just compile success
root
2024-09-12 09:31:27 +00:00
537c75887d
1.rename rule_state to rule_compile_state 2.recover regex_expr.json to make expr_matcher_gtest pass
root
2024-08-30 08:28:58 +00:00
54a70f19d9
rename terminology "group" to "object"
root
2024-08-22 10:26:59 +00:00
72cf89723d
rename terminology "not flag" to "negate option"
root
2024-08-22 08:28:33 +00:00
e538f5bb52
rename terminology "clause" to "condition"
root
2024-08-22 07:35:53 +00:00
f660e6b2ac
rename terminology "virtual table(vtable)" to "attribute"
root
2024-08-22 06:42:37 +00:00
678ddd718a
rename terminology "compile" to "rule"
root
2024-08-22 03:11:15 +00:00
a4ca92ea41
rename maat_rule.c to maat_core.c rename maat_rule.h to maat_core.h
root
2024-08-21 08:39:28 +00:00
0640799f21
remove unescape process of district
root
2024-08-21 07:50:09 +00:00
b634070092
remove escape of \b
root
2024-08-21 02:20:04 +00:00
d16a5d3b92
modify expr table and fix corresponding test case
root
2024-08-19 11:04:17 +00:00
7dd54ad0ec
modify fqdn_plugin table
root
2024-08-13 07:29:41 +00:00
71871622dd
Merge remote-tracking branch 'origin/simplify_item_schema' into simplify_item_schema
root
2024-08-13 03:40:24 +00:00
a6c3e26577
modify interval table and fix some test case
root
2024-08-13 03:35:50 +00:00
a786103b94
modify ip_table and ip_plugin_table
root
2024-08-08 03:32:09 +00:00
906b8c92aa
use fieldstat4_easy auto output instead of manually write file
v4.1.42
develop-version4
root
2024-08-08 08:25:51 +00:00
637a2d9fca
modify ip_table and ip_plugin_table
root
2024-08-08 03:32:09 +00:00
d114221ebe
TSG-22082: support set split log file by size
root
2024-08-07 08:47:15 +00:00
2fd93a1648
fix mem leak
v4.1.41
liuchang
2024-07-16 08:03:19 +00:00
5cdc599568
remove centos7 process for CI
liuchang
2024-07-16 06:38:39 +00:00
e604a066ab
add modified_time column for compile table while loading json file
liuchang
2024-07-12 01:52:32 +00:00
2d77b9c88d
When removing group from a clause, and the clause is empty, the clause id should be cleared.
v4.1.39
Zheng Chao
2024-07-01 14:48:29 +08:00
e5f45366c0
add test case to reproduce one policy change clause id and scan both before and after change with the same maat_state
liuchang
2024-07-01 06:32:06 +00:00
5d30c1009c
change invoke strtok() to strtok_r()
v4.1.38
liuchang
2024-05-23 06:50:10 +00:00
3b5009ce9e
TSG-21089: do not modify the runtime's engine configuration, to ensure the engine-switch decision is correct during incremental updates
v4.1.37
root
2024-05-08 03:43:55 +00:00
d8d7f38efc
add dup key don't output fatal log
v4.1.36
liuchang
2024-04-24 08:16:57 +00:00
56238be701
TSG-20076: store the string as it was before escaping, to avoid re-escaping already-escaped rules during incremental updates
liuchang
2024-04-23 02:33:49 +00:00
5c93f40900
TSG-20724: use maat instance name as maat stat name
root
2024-04-23 03:34:22 +00:00
580d6faa0f
[BUGFIX]Clean up hit groups promptly during scanning
v4.1.35
liuwentan
2024-04-11 16:16:04 +08:00
1b97f76bf5
[BUGFIX]maat_scan_group support virtual table statistics
liuwentan
2024-04-09 09:57:11 +08:00
7e25f48fdd
[PATCH]delete useless code
v4.1.34
liuwentan
2024-04-03 16:47:30 +08:00
cbabcbd6b0
[PATCH]support virtual table statistics
liuwentan
2024-04-02 14:29:34 +08:00
d44ae2af2b
[PATCH]add compile_runtime docs
liuwentan
2024-04-01 13:23:54 +08:00
93da4afe02
[Doc] maatframe markdown documents
liuwentan
2024-03-29 08:37:40 +00:00
3e1acddf61
[BUGFIX]fix maat_stat output invalid table_name
v4.1.33
liuwentan
2024-03-28 14:17:22 +08:00
99f98abbcd
Feature/scan ip port together support endpoint object
v4.1.32
郑超
2024-03-27 11:19:39 +00:00
35d60d06b5
[BUGFIX]solve Rocky8-debug illegal instruction
v4.1.31
liuwentan
2024-03-22 14:29:34 +08:00
dd5d65ec80
[PATCH]update colm & ragel version
liuwentan
2024-03-20 10:08:39 +08:00
d2422fe7e1
[FEATURE]fieldstat3 -> fieldstat4
liuwentan
2024-03-15 18:17:36 +08:00
b1c629811d
[FEATURE]ip_plugin support CIDR addr_format
liuwentan
2024-03-15 14:50:50 +08:00
d3427c62f9
[PATCH]maat_redis_tool add -k to execute keys * transaction
liuwentan
2024-03-14 16:46:09 +08:00
7de0db5ebc
[PATCH]add log handle for maat_wrap_redis_command
v4.1.30
liuwentan
2024-02-22 17:51:23 +08:00
26d642bdcf
[PATCH]delete useless cumulative logic
liuwentan
2024-02-21 19:02:13 +08:00
7e159477ac
[PATCH]maat_scan_ip remove port & protocol parameter
v4.1.29
liuwentan
2024-01-05 17:24:06 +08:00
18843fafa7
[BUGFIX]fix xx_plugin double free
v4.1.28
liuwentan
2024-01-31 16:41:31 +08:00
42bd2f35ea
[PATCH]validate log_handle in maat_new
liuwentan
2024-01-03 16:49:53 +08:00
3f95cb2d48
[PATCH]update maat_scan_group & maat_state_get_last_hit_groups API
v4.1.27
liuwentan
2024-01-02 20:23:09 +08:00
f04043905c
[PATCH]unit_test item_id starting from 1 instead of 0
liuwentan
2023-12-29 16:18:02 +08:00
6d5fea298a
[PATCH]add expr_matcher hit pattern statistics
v4.1.26
liuwentan
2023-12-27 12:04:15 +08:00
102c8ac0f8
[BUGFIX] rulescan stream input data_len maximum:(1500 -> 65535) => TSG-18030
v4.1.25
liuwentan
2023-12-26 12:35:09 +00:00
5f703bb4f4
[PATCH]rename group2group column name
liuwentan
2023-12-26 18:31:25 +08:00
3d0d410ac7
[PATCH] merge super_group's include and exclude sub_groups into one line
v4.1.24
liuwentan
2023-12-26 15:35:22 +08:00
759f625cb1
[PATCH]add bloom filter to optimize performance => OMPUB-1081
v4.0.49
dev-23.07
liuwentan
2023-12-21 10:24:49 +08:00
cc1e1d2f7f
[BUGFIX]group2group support sub_group_id array => TSG-18025
v4.1.23
liuwentan
2023-12-21 02:13:39 +00:00
580a594806
[PATCH] Add bloom filter to optimize expr_matcher performance
liuwentan
2023-12-20 06:16:23 +00:00
e65239abe7
[PATCH]libmaat4 -> libmaatframe
v4.1.22
liuwentan
2023-12-19 14:43:41 +08:00
b7d6eb16a1
[FEATURE]add maat_get_table_schema_tag API => TSG-17872
v4.1.21
liuwentan
2023-12-18 08:43:54 +00:00
df7505fa7f
[PATCH]add maat_state_get_last_hit_group_id_cnt API
v4.1.20
liuwentan
2023-12-13 18:15:28 +08:00