Created
December 14, 2017 23:31
-
-
Save clong/43400e931055b29a684e533e248b994d to your computer and use it in GitHub Desktop.
efigy_ext_sample
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ sudo osqueryi --extension osquery-facebook/build/darwin10.12/external/extension_efigy/efigy.ext --allow_unsafe --verbose | |
| I1214 15:24:28.376690 3197526976 init.cpp:382] osquery initialized [version=2.10.2] | |
| I1214 15:24:28.376940 3197526976 extensions.cpp:288] Could not autoload extensions: Failed reading: /var/osquery/extensions.load | |
| I1214 15:24:28.378172 153985024 watcher.cpp:563] Created and monitoring extension child (30280): osquery-facebook/build/darwin10.12/external/extension_efigy/efigy.ext | |
| I1214 15:24:28.378330 155058176 interface.cpp:327] Extension manager service starting: .osquery/shell.em | |
| Connecting to the running osquery instance... | |
| I1214 15:24:28.388691 3197526976 init.cpp:385] osquery extension initialized [sdk=2.10.4] | |
| I1214 15:24:28.391145 156119040 interface.cpp:141] Registering extension (efigy, 42198, version=1.0.0, sdk=2.10.4) | |
| I1214 15:24:28.410346 156119040 registry.cpp:351] Extension 42198 registered table plugin efigy | |
| I1214 15:24:28.412704 56770560 interface.cpp:316] Extension service starting: .osquery/shell.em.42198 | |
| I1214 15:24:28.413022 3197526976 extensions.cpp:474] Extension (efigy, 42198, 1.0.0, 2.10.4) registered | |
| Using a virtual database. Need help, type '.help' | |
| osquery> select * from efigy; | |
| +--------------------+-----------------+--------------------+-------------------+------------+---------------------+ | |
| | latest_efi_version | efi_version | efi_version_status | latest_os_version | os_version | build_number_status | | |
| +--------------------+-----------------+--------------------+-------------------+------------+---------------------+ | |
| | MBP142.0167.B00 | MBP142.0167.B00 | success | 10.12.6 | 10.12.6 | success | | |
| +--------------------+-----------------+--------------------+-------------------+------------+---------------------+ | |
| osquery> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment