mirror of
https://github.com/valitydev/osquery-1.git
synced 2024-11-06 17:45:22 +00:00
29 lines
1.1 KiB
Plaintext
29 lines
1.1 KiB
Plaintext
{
|
|
"queries": {
|
|
"schedule": {
|
|
"query": "select name, interval, executions, output_size, wall_time, (user_time/executions) as avg_user_time, (system_time/executions) as avg_system_time, average_memory, last_executed from osquery_schedule;",
|
|
"interval": 7200,
|
|
"removed": false,
|
|
"blacklist": false,
|
|
"version": "1.6.0",
|
|
"description": "Report performance for every query within packs and the general schedule."
|
|
},
|
|
"events": {
|
|
"query": "select name, publisher, type, subscriptions, events, active from osquery_events;",
|
|
"interval": 86400,
|
|
"removed": false,
|
|
"blacklist": false,
|
|
"version": "1.5.3",
|
|
"description": "Report event publisher health and track event counters."
|
|
},
|
|
"osquery_info": {
|
|
"query": "select i.*, p.resident_size, p.user_time, p.system_time, time.minutes as counter from osquery_info i, processes p, time where p.pid = i.pid;",
|
|
"interval": 600,
|
|
"removed": false,
|
|
"blacklist": false,
|
|
"version": "1.2.2",
|
|
"description": "A heartbeat counter that reports general performance (CPU, memory) and version."
|
|
}
|
|
}
|
|
}
|