mirror of
https://github.com/valitydev/osquery-1.git
synced 2024-11-07 18:08:53 +00:00
18 lines
814 B
Plaintext
18 lines
814 B
Plaintext
table_name("hardware_events")
|
|
description("Hardware (PCI/USB/HID) events from UDEV or IOKit.")
|
|
schema([
|
|
Column("action", TEXT, "Remove, insert, change properties, etc"),
|
|
Column("path", TEXT, "Local device path assigned (optional)"),
|
|
Column("type", TEXT, "Type of hardware and hardware event"),
|
|
Column("driver", TEXT, "Driver claiming the device"),
|
|
Column("model", TEXT, "Hardware device model"),
|
|
Column("model_id", INTEGER),
|
|
Column("vendor", TEXT, "hardware device vendor"),
|
|
Column("vendor_id", INTEGER),
|
|
Column("serial", TEXT, "Device serial (optional)"),
|
|
Column("revision", INTEGER, "Device revision (optional)"),
|
|
Column("time", BIGINT, "Time of hardware event"),
|
|
])
|
|
attributes(event_subscriber=True)
|
|
implementation("events/hardware_events@hardware_events::genTable")
|