mirror of
https://github.com/chainguard-dev/osquery-defense-kit
synced 2024-12-12 17:14:37 +00:00
10 lines
180 B
SQL
10 lines
180 B
SQL
-- Retrieves the command history, per user, by parsing the shell history files.
|
|
--
|
|
-- tags: postmortem
|
|
-- platform: posix
|
|
SELECT
|
|
*
|
|
FROM
|
|
users
|
|
JOIN shell_history USING (uid);
|