remove address column from network_interfaces chromeos table (#11787)

Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2024-11-06 08:55:24 +00:00 · 2023-05-26 16:47:19 -05:00 · 2023-05-26 16:47:19 -05:00 · e1a0021e7a
commit e1a0021e7a
parent 18df844412
3 changed files with 53 additions and 35 deletions
--- a/docs/Using-Fleet/Detail-Queries-Summary.md
+++ b/docs/Using-Fleet/Detail-Queries-Summary.md
@ -1,11 +1,7 @@
 <!-- DO NOT EDIT. This document is automatically generated. -->
 # Detail Queries Summary

-Detail queries are the osquery queries that run for each host and populate it's
-device details. If you run into issues with the host device data being incorrect or missing you can debug this by
-overriding these with this confguration option [detail_query_overrides](https://fleetdm.com/docs/using-fleet/detail-queries-summary#battery).
-
-Following is a summary of the default detail queries hardcoded in Fleet:
+Following is a summary of the detail queries hardcoded in Fleet used to populate the device details:

 ## battery

@ -175,7 +171,7 @@ select version, errors, warnings from munki_info;
 - Query:

 ```sql
-SELECT address, mac FROM network_interfaces LIMIT 1
+SELECT ipv4 AS address, mac FROM network_interfaces LIMIT 1
 ```

 ## network_interface_unix
@ -313,7 +309,7 @@ SELECT * FROM os_version LIMIT 1
 ```sql
 SELECT
 		os.name,
-		os.codename as display_version
+		os.version as display_version

 	FROM
 		os_version os
@ -382,7 +378,8 @@ SELECT
  version AS version,
  'Browser plugin (Chrome)' AS type,
  'chrome_extensions' AS source,
-  '' AS vendor
+  '' AS vendor,
+  path AS installed_path
 FROM chrome_extensions
 ```

@ -404,7 +401,8 @@ SELECT
  'deb_packages' AS source,
  '' AS release,
  '' AS vendor,
-  '' AS arch
+  '' AS arch,
+  '' AS installed_path
 FROM deb_packages
 WHERE status = 'install ok installed'
 UNION
@ -415,7 +413,8 @@ SELECT
  'portage_packages' AS source,
  '' AS release,
  '' AS vendor,
-  '' AS arch
+  '' AS arch,
+  '' AS installed_path
 FROM portage_packages
 UNION
 SELECT
@ -425,7 +424,8 @@ SELECT
  'rpm_packages' AS source,
  release AS release,
  vendor AS vendor,
-  arch AS arch
+  arch AS arch,
+  '' AS installed_path
 FROM rpm_packages
 UNION
 SELECT
@ -435,7 +435,8 @@ SELECT
  'npm_packages' AS source,
  '' AS release,
  '' AS vendor,
-  '' AS arch
+  '' AS arch,
+  path AS installed_path
 FROM npm_packages
 UNION
 SELECT
@ -445,7 +446,8 @@ SELECT
  'chrome_extensions' AS source,
  '' AS release,
  '' AS vendor,
-  '' AS arch
+  '' AS arch,
+  path AS installed_path
 FROM cached_users CROSS JOIN chrome_extensions USING (uid)
 UNION
 SELECT
@ -455,7 +457,8 @@ SELECT
  'firefox_addons' AS source,
  '' AS release,
  '' AS vendor,
-  '' AS arch
+  '' AS arch,
+  path AS installed_path
 FROM cached_users CROSS JOIN firefox_addons USING (uid)
 UNION
 SELECT
@ -465,7 +468,8 @@ SELECT
  'atom_packages' AS source,
  '' AS release,
  '' AS vendor,
-  '' AS arch
+  '' AS arch,
+  path AS installed_path
 FROM cached_users CROSS JOIN atom_packages USING (uid)
 UNION
 SELECT
@ -475,7 +479,8 @@ SELECT
  'python_packages' AS source,
  '' AS release,
  '' AS vendor,
-  '' AS arch
+  '' AS arch,
+  path AS installed_path
 FROM python_packages;
 ```

@ -496,7 +501,8 @@ SELECT
  'Application (macOS)' AS type,
  bundle_identifier AS bundle_identifier,
  'apps' AS source,
-  last_opened_time AS last_opened_at
+  last_opened_time AS last_opened_at,
+  path AS installed_path
 FROM apps
 UNION
 SELECT
@ -505,7 +511,8 @@ SELECT
  'Package (Python)' AS type,
  '' AS bundle_identifier,
  'python_packages' AS source,
-  0 AS last_opened_at
+  0 AS last_opened_at,
+  path AS installed_path
 FROM python_packages
 UNION
 SELECT
@ -514,7 +521,8 @@ SELECT
  'Browser plugin (Chrome)' AS type,
  '' AS bundle_identifier,
  'chrome_extensions' AS source,
-  0 AS last_opened_at
+  0 AS last_opened_at,
+  path AS installed_path
 FROM cached_users CROSS JOIN chrome_extensions USING (uid)
 UNION
 SELECT
@ -523,7 +531,8 @@ SELECT
  'Browser plugin (Firefox)' AS type,
  '' AS bundle_identifier,
  'firefox_addons' AS source,
-  0 AS last_opened_at
+  0 AS last_opened_at,
+  path AS installed_path
 FROM cached_users CROSS JOIN firefox_addons USING (uid)
 UNION
 SELECT
@ -532,7 +541,8 @@ SELECT
  'Browser plugin (Safari)' AS type,
  '' AS bundle_identifier,
  'safari_extensions' AS source,
-  0 AS last_opened_at
+  0 AS last_opened_at,
+  path AS installed_path
 FROM cached_users CROSS JOIN safari_extensions USING (uid)
 UNION
 SELECT
@ -541,7 +551,8 @@ SELECT
  'Package (Atom)' AS type,
  '' AS bundle_identifier,
  'atom_packages' AS source,
-  0 AS last_opened_at
+  0 AS last_opened_at,
+  path AS installed_path
 FROM cached_users CROSS JOIN atom_packages USING (uid)
 UNION
 SELECT
@ -550,7 +561,8 @@ SELECT
  'Package (Homebrew)' AS type,
  '' AS bundle_identifier,
  'homebrew_packages' AS source,
-  0 AS last_opened_at
+  0 AS last_opened_at,
+  path AS installed_path
 FROM homebrew_packages;
 ```

@ -570,7 +582,8 @@ SELECT
  version AS version,
  'Program (Windows)' AS type,
  'programs' AS source,
-  publisher AS vendor
+  publisher AS vendor,
+  install_location AS installed_path
 FROM programs
 UNION
 SELECT
@ -578,7 +591,8 @@ SELECT
  version AS version,
  'Package (Python)' AS type,
  'python_packages' AS source,
-  '' AS vendor
+  '' AS vendor,
+  path AS installed_path
 FROM python_packages
 UNION
 SELECT
@ -586,7 +600,8 @@ SELECT
  version AS version,
  'Browser plugin (IE)' AS type,
  'ie_extensions' AS source,
-  '' AS vendor
+  '' AS vendor,
+  path AS installed_path
 FROM ie_extensions
 UNION
 SELECT
@ -594,7 +609,8 @@ SELECT
  version AS version,
  'Browser plugin (Chrome)' AS type,
  'chrome_extensions' AS source,
-  '' AS vendor
+  '' AS vendor,
+  path AS installed_path
 FROM cached_users CROSS JOIN chrome_extensions USING (uid)
 UNION
 SELECT
@ -602,7 +618,8 @@ SELECT
  version AS version,
  'Browser plugin (Firefox)' AS type,
  'firefox_addons' AS source,
-  '' AS vendor
+  '' AS vendor,
+  path AS installed_path
 FROM cached_users CROSS JOIN firefox_addons USING (uid)
 UNION
 SELECT
@ -610,7 +627,8 @@ SELECT
  version AS version,
  'Package (Chocolatey)' AS type,
  'chocolatey_packages' AS source,
-  '' AS vendor
+  '' AS vendor,
+  path AS installed_path
 FROM chocolatey_packages
 UNION
 SELECT
@ -618,7 +636,8 @@ SELECT
  version AS version,
  'Package (Atom)' AS type,
  'atom_packages' AS source,
-  '' AS vendor
+  '' AS vendor,
+  path AS installed_path
 FROM cached_users CROSS JOIN atom_packages USING (uid);
 ```

@ -683,4 +702,4 @@ SELECT date, title FROM windows_update_history WHERE result_code = 'Succeeded'



-<meta name="pageOrderInSection" value="1600">
+<meta name="pageOrderInSection" value="1600">
--- a/ee/fleetd-chrome/src/tables/network_interfaces.ts
+++ b/ee/fleetd-chrome/src/tables/network_interfaces.ts
@ -2,7 +2,7 @@ import Table from "./Table";

 export default class TableNetworkInterfaces extends Table {
  name = "network_interfaces";
-  columns = ["mac", "address", "ipv4", "ipv6"];
+  columns = ["mac", "ipv4", "ipv6"];

  async generate() {
    let ipv4, ipv6, mac;
@ -19,8 +19,7 @@ export default class TableNetworkInterfaces extends Table {
      {
        mac,
        ipv4,
-        ipv6,
-        address: ipv4,
+        ipv6
      },
    ];
  }
--- a/server/service/osquery_utils/queries.go
+++ b/server/service/osquery_utils/queries.go
@ -114,7 +114,7 @@ var hostDetailQueries = map[string]DetailQuery{
 		IngestFunc: ingestNetworkInterface,
 	},
 	"network_interface_chrome": {
-		Query:      `SELECT address, mac FROM network_interfaces LIMIT 1`,
+		Query:      `SELECT ipv4 AS address, mac FROM network_interfaces LIMIT 1`,
 		Platforms:  []string{"chrome"},
 		IngestFunc: ingestNetworkInterface,
 	},