valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-08 10:23:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1a0aa988f1
osquery-1/specs/windows/registry.table
Nick Anderson 9786b0efed Adding the windows registry virtual table (#2356)
2016-08-16 12:37:53 -07:00

16 lines
673 B
Plaintext
Executable File
Raw Blame History

table_name("registry")
description("All of the Windows registry hives.")
schema([
Column("hive", TEXT, "The parent registry hive where the key and value exist"),
Column("key", TEXT, "Name of the key to search for"),
Column("subkey", TEXT, "Name of the subkey for a given HIVE and key"),
Column("name", TEXT, "Name of the registry value entry"),
Column("type", TEXT, "Type of data associated with the registry value"),
Column("data", TEXT, "Data content of registry value"),
Column("mtime", BIGINT, "timestamp of the most recent registry write"),
])
implementation("system/windows/registry@genRegistry")
examples([
"select * from registry",
])
Reference in New Issue View Git Blame Copy Permalink