valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 18:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7076aa813c
osquery-1/include/osquery/devtools.h
mike@arpaia.co 636ced854f Pretty shell results 
Example:

```
osquery> select name, program || program_arguments as executable from launchd limit 5;

+----------------------------------+-------------------------------------------------------------------------------+
| name                             | executable                                                                    |
+----------------------------------+-------------------------------------------------------------------------------+
| bootps.plist                     | /usr/libexec/bootpd                                                           |
| com.apple.afpfs_afpLoad.plist    | /System/Library/Filesystems/AppleShare/afpLoad                                |
| com.apple.afpfs_checkafp.plist   | /System/Library/Filesystems/AppleShare/check_afp.app/Contents/MacOS/check_afp |
| com.apple.AirPlayXPCHelper.plist | /usr/libexec/AirPlayXPCHelper                                                 |
| com.apple.airport.wps.plist      | /usr/libexec/wps                                                              |
+----------------------------------+-------------------------------------------------------------------------------+
osquery> .tables
  => alf
  => alf_exceptions
  => alf_explicit_auths
  => alf_services
  => apps
  => ca_certs
  => etc_hosts
  => interface_addresses
  => interface_details
  => kextstat
  => last
  => launchd
  => listening_ports
  => nvram
  => osx_version
  => processes
  => routes
  => time
```
2014-09-25 21:39:07 -07:00

95 lines
2.9 KiB
C++
Raw Blame History

// Copyright 2004-present Facebook. All Rights Reserved.
#pragma once
#include <string>
#include "osquery/database/results.h"
namespace osquery {
/**
* @brief Run an interactive SQL query shell.
*
* @code{.cpp}
* // Copyright 2004-present Facebook. All Rights Reserved.
* #include "osquery/core.h"
* #include "osquery/devtools.h"
*
* int main(int argc, char *argv[]) {
* osquery::initOsquery(argc, argv);
* return osquery::launchIntoShell(argc, argv);
* }
* @endcode
*
* @param argc the number of elements in argv
* @param argv the command-line flags
*
* @return an int which represents the "return code"
*/
int launchIntoShell(int argc, char** argv);
/**
* @brief Generate a pretty representation of a QueryData object
*
* @return The beautified string representation of the supplied QueryData
* @param order The order of the keys (since maps are unordered)
*/
std::string beautify(const QueryData& q, const std::vector<std::string>& order);
/**
* @brief Pretty print a QueryData object
*
* This is a helper method which called osquery::beautify on the supplied
* QueryData object and prints the results to stdout.
*
* @param q The QueryData object to print
* @param order The order of the keys (since maps are unordered)
*/
void prettyPrint(const QueryData& q, const std::vector<std::string>& order);
/**
* @brief Compute a map of metadata about the supplied QueryData object
*
* @param q The QueryData object to analyze
*
* @return A map of string to int such that the key represents the "column" in
* the supplied QueryData and the int represents the length of the longest key
*/
std::map<std::string, int> computeQueryDataLengths(const QueryData& q);
/**
* @brief Generate the separator string for query results
*
* @param lengths The data returned from computeQueryDataLengths
* @param order The order of the keys (since maps are unordered)
*
* @return A string, with a newline, representing your separator
*/
std::string generateSeparator(const std::map<std::string, int>& lengths,
const std::vector<std::string>& order);
/**
* @brief Generate the header string for query results
*
* @param lengths The data returned from computeQueryDataLengths
* @param order The order of the keys (since maps are unordered)
*
* @return A string, with a newline, representing your header
*/
std::string generateHeader(const std::map<std::string, int>& lengths,
const std::vector<std::string>& order);
/**
* @brief Generate a row string for query results
*
* @param lengths The data returned from computeQueryDataLengths
* @param order The order of the keys (since maps are unordered)
*
* @return A string, with a newline, representing your row
*/
std::string generateRow(const Row& r,
const std::map<std::string, int>& lengths,
const std::vector<std::string>& order);
}
Reference in New Issue View Git Blame Copy Permalink