valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 09:58:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
e29ad573ef
osquery-1/specs/darwin/xprotect_entries.table
Teddy Reed c2be670806 Table results caching 
1. Table implementations (spec files) can mark the table as 'cachable'.
2. Cached results depend on the shortest/quickest interval of scheduled
queries that act on results of the table.
3. The table API generator blocks caching on index/additional/required
table column options.
2015-11-14 15:57:23 -08:00

14 lines
673 B
Plaintext
Raw Blame History

table_name("xprotect_entries")
description("Database of the machine's XProtect signatures.")
schema([
Column("name", TEXT, "Description of XProtected malware"),
Column("launch_type", TEXT, "Launch services content type"),
Column("identity", TEXT, "XProtect identity (SHA1) of content"),
Column("filename", TEXT, "Use this file name to match"),
Column("filetype", TEXT, "Use this file type to match"),
Column("optional", INTEGER, "Match any of the identities/patterns for this XProtect name"),
Column("uses_pattern", INTEGER, "Uses a match pattern instead of identity"),
])
attributes(cachable=True)
implementation("xprotect@genXProtectEntries")
Reference in New Issue View Git Blame Copy Permalink