From 6f2afd7be81c3bc117196b1c7cff2e696713a63f Mon Sep 17 00:00:00 2001
From: Javier Marcos
Date: Thu, 16 Apr 2015 14:48:21 -0700
Subject: [PATCH] Adding osquery_scheduled table
---
 .../tables/specs/utility/osquery_scheduled.table | 9 +++++++++
 osquery/tables/utility/osquery.cpp | 15 +++++++++++++++
 2 files changed, 24 insertions(+)
 create mode 100644 osquery/tables/specs/utility/osquery_scheduled.table
diff --git a/osquery/tables/specs/utility/osquery_scheduled.table b/osquery/tables/specs/utility/osquery_scheduled.table
new file mode 100644
index 00000000..603a6289
--- /dev/null
+++ b/osquery/tables/specs/utility/osquery_scheduled.table
@@ -0,0 +1,9 @@
+table_name("osquery_scheduled")
+description("Information about the current queries that are scheduled in osquery.")
+schema([
+ Column("interval", INTEGER, "The interval in seconds to run this query, not an exact interval."),
+ Column("name", TEXT, "The given name for this query."),
+ Column("query", TEXT, "The exact query to run."),
+])
+attributes(utility=True)
+implementation("osquery@genOsqueryScheduled")
diff --git a/osquery/tables/utility/osquery.cpp b/osquery/tables/utility/osquery.cpp
index fd52fcca..649a4012 100644
--- a/osquery/tables/utility/osquery.cpp
+++ b/osquery/tables/utility/osquery.cpp
@@ -133,5 +133,20 @@ QueryData genOsqueryInfo(QueryContext& context) {
 
 return results;
 }
+
+QueryData genOsqueryScheduled(QueryContext& context) {
+ QueryData results;
+
+ ConfigDataInstance config;
+ for (const auto& query : config.schedule()) {
+ Row r;
+ r["name"] = TEXT(query.first);
+ r["query"] = TEXT(query.second.query);
+ r["interval"] = INTEGER(query.second.interval);
+ results.push_back(r);
+ }
+
+ return results;
+}
 }
 }
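Review bot: `genOsqueryScheduled` copies `query.second.query` into the `query` column verbatim, so everything written into a scheduled query (paths, hostnames, literal match values, the detection logic itself) becomes readable by whoever can run SQL against this osquery instance, which may be a wider audience than the readers of the config file. Neither this hunk nor the table spec in the first hunk says so; I would add a comment above the function such as `// Returns scheduled query text verbatim; treat read access to this table like read access to the config.` and mirror that sentence in the spec's `description(...)`. Separately, `results.push_back(r);` copies each Row and could be `results.push_back(std::move(r));`, assuming `<utility>` is already reachable in this file.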