osquery-defense-kit/incident_response/alf_explicit_auths_macos.sql

mirror of https://github.com/chainguard-dev/osquery-defense-kit
-- Retrieves the list of processes with explicit authorization for the Application Layer Firewall.
--
-- tags: postmortem
-- platform: darwin
SELECT
  *
FROM
  alf_explicit_auths;
Finish out the incident_response refactor 2022-10-19 20:19:53 +00:00			`-- Retrieves the list of processes with explicit authorization for the Application Layer Firewall.`
			`--`
			`-- tags: postmortem`
			`-- platform: darwin`
			`SELECT`
			`*`
			`FROM`
			`alf_explicit_auths;`