mirror of
https://github.com/chainguard-dev/osquery-defense-kit
synced 2024-12-18 03:54:30 +00:00
13 lines
223 B
SQL
13 lines
223 B
SQL
-- Returns a list of file information from /dev (non-hidden only)
|
|
--
|
|
-- tags: postmortem
|
|
-- platform: posix
|
|
SELECT
|
|
file.*,
|
|
magic.data
|
|
FROM
|
|
file
|
|
JOIN magic ON file.path = magic.path
|
|
WHERE
|
|
file.path LIKE "/dev/%%";
|