Attention
Zercurity has been acquired by JumpCloud.
This documentation will no longer be maintained or updated. You can read more about the acquisition, or signup to JumpCloud today.
osquery_info¶
Top level information about the running version of osquery.
Platform support¶
Please be aware that some queries can only be run against certain platforms. Below is a list of the supported platforms that this query supports. Zercurity will automatically pause queries from running if errors are detected. Running a query against an unsupported platform will result in the following error: no such table: osquery_info
- Windows
- Linux
- Mac OSX
- Free BSD
Table schema¶
Name | Type | Description |
---|---|---|
pid | INTEGER | Process (or thread/handle) ID |
uuid | TEXT | Unique ID provided by the system |
instance_id | TEXT | Unique, long-lived ID per instance of osquery |
version | TEXT | osquery toolkit version |
config_hash | TEXT | Hash of the working configuration state |
config_valid | INTEGER | 1 if the config was loaded and considered valid, else 0 |
extensions | TEXT | osquery extensions status |
build_platform | TEXT | osquery toolkit build platform |
build_distro | TEXT | osquery toolkit platform distribution name (os version) |
start_time | INTEGER | UNIX time in seconds when the process started |
watcher | INTEGER | Process (or thread/handle) ID of optional watcher process |
platform_mask | INTEGER | The osquery platform bitmask |