mirror of
https://github.com/chainguard-dev/osquery-defense-kit
synced 2024-12-18 03:54:30 +00:00
28 lines
335 B
SQL
28 lines
335 B
SQL
-- Currently running programs, only the columns that are not constantly changing
|
|
--
|
|
-- tags: postmortem often
|
|
-- platform: posix
|
|
SELECT
|
|
pid,
|
|
name,
|
|
path,
|
|
cmdline,
|
|
state,
|
|
cwd,
|
|
root,
|
|
uid,
|
|
gid,
|
|
euid,
|
|
egid,
|
|
suid,
|
|
sgid,
|
|
on_disk,
|
|
start_time,
|
|
parent,
|
|
pgroup,
|
|
threads,
|
|
nice,
|
|
cgroup_path
|
|
FROM
|
|
processes
|