RepoMirrors
/
osquery-defense-kit
mirror of https://github.com/chainguard-dev/osquery-defense-kit
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
osquery-defense-kit/incident_response/shell_history.sql

10 lines
180 B
SQL
Raw Permalink Blame History

-- Retrieves the command history, per user, by parsing the shell history files.
--
-- tags: postmortem
-- platform: posix
SELECT
*
FROM
users
JOIN shell_history USING (uid);
Reference in New Issue View Git Blame Copy Permalink