osquery-1/specs/utility/osquery_packs.table
2016-09-19 13:00:11 -07:00

14 lines
941 B
Plaintext

table_name("osquery_packs")
description("Information about the current query packs that are loaded in osquery.")
schema([
Column("name", TEXT, "The given name for this query pack"),
Column("platform", TEXT, "Platforms this query is supported on"),
Column("version", TEXT, "Minimum osquery version that this query will run on"),
Column("shard", INTEGER, "Shard restriction limit, 1-100, 0 meaning no restriction"),
Column("discovery_cache_hits", INTEGER, "The number of times that the discovery query used cached values since the last time the config was reloaded"),
Column("discovery_executions", INTEGER, "The number of times that the discovery queries have been executed since the last time the config was reloaded"),
Column("active", INTEGER, "Whether this pack is active (the version, platform and discovery queries match) yes=1, no=0."),
])
attributes(utility=True)
implementation("osquery@genOsqueryPacks")