valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 09:58:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3de799ef07
osquery-1/specs/hash.table
Vova Mishatkin 29b596dc85 Add ssdeep table for posix (#4629)
2018-06-29 19:50:47 +01:00

18 lines
687 B
Plaintext
Raw Blame History

table_name("hash")
description("Filesystem hash data.")
schema([
Column("path", TEXT, "Must provide a path or directory", index=True, required=True),
Column("directory", TEXT, "Must provide a path or directory", required=True),
Column("md5", TEXT, "MD5 hash of provided filesystem data"),
Column("sha1", TEXT, "SHA1 hash of provided filesystem data"),
Column("sha256", TEXT, "SHA256 hash of provided filesystem data"),
])
extended_schema(POSIX, [
Column("ssdeep", TEXT, "ssdeep hash of provided filesystem data"),
])
implementation("hash@genHash")
examples([
"select * from hash where path = '/etc/passwd'",
"select * from hash where directory = '/etc/'",
])
Reference in New Issue View Git Blame Copy Permalink