mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 08:55:24 +00:00
e82962e4a7
* create schema/tables, add yaml schema tables * Update osquery-table-details.ejs * Generate schema from schema/tables/ folder * Create generate-yaml-tables-from-json.js * update created table files * update fleet override validation * update error messages, add fleetRepoUrl * Delete generate-yaml-tables-from-json.js * Update osquery-table-details.ejs * Update whitespace in table examples * Revert "Update osquery-table-details.ejs" This reverts commit 2e9d63208f59997d492375ebaf1d0ec7e4afe468. * add YAML tables generated from updated Fleet schema * lint fixes * update arp_cache and docker_containers tables
16 lines
437 B
YAML
16 lines
437 B
YAML
name: etc_hosts
|
|
examples: >-
|
|
Identify host"name"s pointed to IP addresses using the hosts file. This
|
|
technique is often abused by malware, but can also indicate services that do
|
|
not have proper DNS configuration to be reached from workstations.
|
|
|
|
```
|
|
|
|
SELECT * FROM etc_hosts WHERE address!='127.0.0.1' AND address!='::1' AND address!='255.255.255.255';
|
|
|
|
```
|
|
columns:
|
|
- name: pid_with_namespace
|
|
platforms:
|
|
- linux
|