osquery-1/osquery/tables/system/uptime.cpp

/*
 *  Copyright (c) 2014-present, Facebook, Inc.
 *  All rights reserved.
 *
 *  This source code is licensed under the BSD-style license found in the
 *  LICENSE file in the root directory of this source tree. An additional grant
 *  of patent rights can be found in the PATENTS file in the same directory.
 *
 */

#include <osquery/tables.h>

#if defined(__APPLE__)
#include <time.h>
#include <errno.h>
#include <sys/sysctl.h>
#elif defined(__linux__)
#include <sys/sysinfo.h>
#elif defined(WIN32)
#include <windows.h>
#endif

namespace osquery {
namespace tables {

long getUptime() {
#if defined(DARWIN)
  struct timeval boot_time;
  size_t len = sizeof(boot_time);
  int mib[2] = {CTL_KERN, KERN_BOOTTIME};

  if (sysctl(mib, 2, &boot_time, &len, nullptr, 0) < 0) {
    return -1;
  }

  time_t seconds_since_boot = boot_time.tv_sec;
  time_t current_seconds = time(nullptr);

  return long(difftime(current_seconds, seconds_since_boot));
#elif defined(__linux__)
  struct sysinfo sys_info;

  if (sysinfo(&sys_info) != 0) {
    return -1;
  }

  return sys_info.uptime;
#elif defined(WIN32)
  return (long)GetTickCount64() / 1000;
#endif

  return -1;
}

QueryData genUptime(QueryContext& context) {
  Row r;
  QueryData results;
  long uptime_in_seconds = getUptime();

  if (uptime_in_seconds >= 0) {
    r["days"] = INTEGER(uptime_in_seconds / 60 / 60 / 24);
    r["hours"] = INTEGER((uptime_in_seconds / 60 / 60) % 24);
    r["minutes"] = INTEGER((uptime_in_seconds / 60) % 60);
    r["seconds"] = INTEGER(uptime_in_seconds % 60);
    r["total_seconds"] = BIGINT(uptime_in_seconds);
    results.push_back(r);
  }

  return results;
}
}
}
Add uptime table The table contains information about the time passed since the last boot. 2015-07-03 05:32:48 +00:00			`/*`
[osquery] Update copyright headers to new format. 2016-02-11 19:48:58 +00:00			`* Copyright (c) 2014-present, Facebook, Inc.`
Add uptime table The table contains information about the time passed since the last boot. 2015-07-03 05:32:48 +00:00			`* All rights reserved.`
			`*`
			`* This source code is licensed under the BSD-style license found in the`
			`* LICENSE file in the root directory of this source tree. An additional grant`
			`* of patent rights can be found in the PATENTS file in the same directory.`
			`*`
			`*/`

			`#include <osquery/tables.h>`

			`#if defined(__APPLE__)`
Refactor system into POSIX and add CPUID to Windows (#2288) 2016-07-25 22:34:17 +00:00			`#include <time.h>`
			`#include <errno.h>`
			`#include <sys/sysctl.h>`
Add uptime table The table contains information about the time passed since the last boot. 2015-07-03 05:32:48 +00:00			`#elif defined(__linux__)`
Refactor system into POSIX and add CPUID to Windows (#2288) 2016-07-25 22:34:17 +00:00			`#include <sys/sysinfo.h>`
Uptime implementation on Windows (#2906) 2017-01-12 05:25:39 +00:00			`#elif defined(WIN32)`
			`#include <windows.h>`
Add uptime table The table contains information about the time passed since the last boot. 2015-07-03 05:32:48 +00:00			`#endif`

			`namespace osquery {`
			`namespace tables {`

			`long getUptime() {`
Refactor system into POSIX and add CPUID to Windows (#2288) 2016-07-25 22:34:17 +00:00			`#if defined(DARWIN)`
			`struct timeval boot_time;`
			`size_t len = sizeof(boot_time);`
			`int mib[2] = {CTL_KERN, KERN_BOOTTIME};`
Add uptime table The table contains information about the time passed since the last boot. 2015-07-03 05:32:48 +00:00
Issue #2651 : Changed all NULLs to nullptrs (#2657) 2016-10-21 18:20:28 +00:00			`if (sysctl(mib, 2, &boot_time, &len, nullptr, 0) < 0) {`
Refactor system into POSIX and add CPUID to Windows (#2288) 2016-07-25 22:34:17 +00:00			`return -1;`
			`}`
Add uptime table The table contains information about the time passed since the last boot. 2015-07-03 05:32:48 +00:00
Refactor system into POSIX and add CPUID to Windows (#2288) 2016-07-25 22:34:17 +00:00			`time_t seconds_since_boot = boot_time.tv_sec;`
Issue #2651 : Changed all NULLs to nullptrs (#2657) 2016-10-21 18:20:28 +00:00			`time_t current_seconds = time(nullptr);`
Add uptime table The table contains information about the time passed since the last boot. 2015-07-03 05:32:48 +00:00
Refactor system into POSIX and add CPUID to Windows (#2288) 2016-07-25 22:34:17 +00:00			`return long(difftime(current_seconds, seconds_since_boot));`
			`#elif defined(__linux__)`
			`struct sysinfo sys_info;`
Add uptime table The table contains information about the time passed since the last boot. 2015-07-03 05:32:48 +00:00
Refactor system into POSIX and add CPUID to Windows (#2288) 2016-07-25 22:34:17 +00:00			`if (sysinfo(&sys_info) != 0) {`
			`return -1;`
			`}`
Add uptime table The table contains information about the time passed since the last boot. 2015-07-03 05:32:48 +00:00
Refactor system into POSIX and add CPUID to Windows (#2288) 2016-07-25 22:34:17 +00:00			`return sys_info.uptime;`
Uptime implementation on Windows (#2906) 2017-01-12 05:25:39 +00:00			`#elif defined(WIN32)`
			`return (long)GetTickCount64() / 1000;`
Refactor system into POSIX and add CPUID to Windows (#2288) 2016-07-25 22:34:17 +00:00			`#endif`
Build and provision edits for FreeBSD CI 2015-09-24 23:12:26 +00:00
			`return -1;`
Add uptime table The table contains information about the time passed since the last boot. 2015-07-03 05:32:48 +00:00			`}`

			`QueryData genUptime(QueryContext& context) {`
			`Row r;`
			`QueryData results;`
			`long uptime_in_seconds = getUptime();`

			`if (uptime_in_seconds >= 0) {`
			`r["days"] = INTEGER(uptime_in_seconds / 60 / 60 / 24);`
			`r["hours"] = INTEGER((uptime_in_seconds / 60 / 60) % 24);`
			`r["minutes"] = INTEGER((uptime_in_seconds / 60) % 60);`
			`r["seconds"] = INTEGER(uptime_in_seconds % 60);`
			`r["total_seconds"] = BIGINT(uptime_in_seconds);`
			`results.push_back(r);`
			`}`

			`return results;`
			`}`
			`}`
			`}`