Information about the current query packs that are loaded in osquery.
Please be aware that some queries can only be run against certain platforms. Below is a list of the supported platforms that this query supports. Zercurity will automatically pause queries from running if errors are detected. Running a query against an unsupported platform will result in the following error:
no such table: osquery_packs
- Mac OSX
- Free BSD
|name||TEXT||The given name for this query pack|
|platform||TEXT||Platforms this query is supported on|
|version||TEXT||Minimum osquery version that this query will run on|
|shard||INTEGER||Shard restriction limit, 1-100, 0 meaning no restriction|
|discovery_cache_hits||INTEGER||The number of times that the discovery query used cached values since the last time the config was reloaded|
|discovery_executions||INTEGER||The number of times that the discovery queries have been executed since the last time the config was reloaded|
|active||INTEGER||Whether this pack is active (the version, platform and discovery queries match) yes=1, no=0.|
Select all the results for the given table.
SELECT * FROM osquery_packs;