valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 01:55:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
b42b3d677e
osquery-1/specs/windows/services.table
Mitchell Grenier 6065c26f1d Make all descriptions use periods consistently. (#3324)
2017-05-25 12:43:58 -07:00

21 lines
1.5 KiB
Plaintext
Raw Blame History

table_name("services")
description("Lists all installed Windows services and their relevant data.")
schema([
Column("name", TEXT, "Service name"),
Column("service_type", TEXT, "Service Type: OWN_PROCESS, SHARE_PROCESS and maybe Interactive (can interact with the desktop)"),
Column("display_name", TEXT, "Service Display name"),
Column("status", TEXT, "Service Current status: STOPPED, START_PENDING, STOP_PENDING, RUNNING, CONTINUE_PENDING, PAUSE_PENDING, PAUSED"),
Column("pid", INTEGER, "the Process ID of the service"),
Column("start_type", TEXT, "Service start type: BOOT_START, SYSTEM_START, AUTO_START, DEMAND_START, DISABLED"),
Column("win32_exit_code", INTEGER, "The error code that the service uses to report an error that occurs when it is starting or stopping"),
Column("service_exit_code", INTEGER, "The service-specific error code that the service returns when an error occurs while the service is starting or stopping"),
Column("path", TEXT, "Path to Service Executable"),
Column("module_path", TEXT, "Path to ServiceDll"),
Column("description", TEXT, "Service Description"),
Column("user_account", TEXT, "The name of the account that the service process will be logged on as when it runs. This name can be of the form Domain\UserName. If the account belongs to the built-in domain, the name can be of the form .\UserName."),
])
implementation("system/windows/services@genServices")
examples([
"select * from services",
])
Reference in New Issue View Git Blame Copy Permalink