mirror of
https://github.com/valitydev/osquery-1.git
synced 2024-11-07 09:58:54 +00:00
13 lines
495 B
Plaintext
13 lines
495 B
Plaintext
table_name("winbaseobj")
|
|
description("Lists named Windows objects in the default object directories, across all terminal services sessions.")
|
|
schema([
|
|
Column("session_id", INTEGER, "Terminal Services Session Id"),
|
|
Column("object_name", TEXT, "Object Name"),
|
|
Column("object_type", TEXT, "Object Type"),
|
|
])
|
|
implementation("system/windows/Objects@genBaseNamedObjects")
|
|
examples([
|
|
"select object_name, object_type from winbaseobj",
|
|
"select * from winbaseobj where type='Mutant'",
|
|
])
|