valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-06 09:35:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
f8f5718297
osquery-1/specs/darwin/xprotect_entries.table
Teddy Reed b28c4d8d0f Introduce table options (#2101) 
Table options includes a change to the Registry::call API for TablePlugins.
When requesting route information or the 'columns' action, a new 'op' key is included.
2016-05-18 12:23:52 -07:00

14 lines
674 B
Plaintext
Raw Blame History

table_name("xprotect_entries")
description("Database of the machine's XProtect signatures.")
schema([
Column("name", TEXT, "Description of XProtected malware"),
Column("launch_type", TEXT, "Launch services content type"),
Column("identity", TEXT, "XProtect identity (SHA1) of content"),
Column("filename", TEXT, "Use this file name to match"),
Column("filetype", TEXT, "Use this file type to match"),
Column("optional", INTEGER, "Match any of the identities/patterns for this XProtect name"),
Column("uses_pattern", INTEGER, "Uses a match pattern instead of identity"),
])
attributes(cacheable=True)
implementation("xprotect@genXProtectEntries")
Reference in New Issue View Git Blame Copy Permalink