mirror of
https://github.com/chainguard-dev/osquery-defense-kit
synced 2024-12-13 17:44:33 +00:00
24 lines
255 B
SQL
24 lines
255 B
SQL
-- Retrieves the memory map per process
|
|
-- platform: posix
|
|
-- tags: postmortem
|
|
SELECT
|
|
pid,
|
|
permissions,
|
|
offset
|
|
,
|
|
inode,
|
|
path,
|
|
pseudo
|
|
FROM
|
|
process_memory_map
|
|
WHERE
|
|
path != ""
|
|
GROUP BY
|
|
pid,
|
|
permissions,
|
|
offset
|
|
,
|
|
inode,
|
|
path,
|
|
pseudo;
|