valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 01:55:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
dcf72523f7
osquery-1/specs/windows/services.table
George Guliashvili 971bee4441 Move build system to BUCK 
fbshipit-source-id: 8ffef5e6a393ac67ce56dcb74845402e43d964a0
2018-12-07 16:12:35 +00:00

21 lines
1.5 KiB
Plaintext
Raw Blame History

table_name("services")
description("Lists all installed Windows services and their relevant data.")
schema([
Column("name", TEXT, "Service name"),
Column("service_type", TEXT, "Service Type: OWN_PROCESS, SHARE_PROCESS and maybe Interactive (can interact with the desktop)"),
Column("display_name", TEXT, "Service Display name"),
Column("status", TEXT, "Service Current status: STOPPED, START_PENDING, STOP_PENDING, RUNNING, CONTINUE_PENDING, PAUSE_PENDING, PAUSED"),
Column("pid", INTEGER, "the Process ID of the service"),
Column("start_type", TEXT, "Service start type: BOOT_START, SYSTEM_START, AUTO_START, DEMAND_START, DISABLED"),
Column("win32_exit_code", INTEGER, "The error code that the service uses to report an error that occurs when it is starting or stopping"),
Column("service_exit_code", INTEGER, "The service-specific error code that the service returns when an error occurs while the service is starting or stopping"),
Column("path", TEXT, "Path to Service Executable"),
Column("module_path", TEXT, "Path to ServiceDll"),
Column("description", TEXT, "Service Description"),
Column("user_account", TEXT, "The name of the account that the service process will be logged on as when it runs. This name can be of the form Domain\\UserName. If the account belongs to the built-in domain, the name can be of the form .\\UserName."),
])
implementation("system/windows/services@genServices")
examples([
"select * from services",
])
Reference in New Issue View Git Blame Copy Permalink