osquery.conf
{
"options": {
"schedule_splay_percent": "10"
},
"schedule": {
},
"decorators": {
"load": [
"SELECT uuid AS host_uuid, hostname FROM system_info;",
"SELECT user AS username FROM logged_in_users ORDER BY time DESC LIMIT 1;"
]
},
"packs": {
"windows-hardening": "C:\\Program Files\\osquery\\packs\\windows_hardening.conf",
"windows-attacks": "C:\\Program Files\\osquery\\packs\\windows_attacks.conf",
"windows-os-monitoring": "C:\\Program Files\\osquery\\packs\\os_monitoring.conf",
"osquery-info": "C:\\Program Files\\osquery\\packs\\osquery_info.conf"
},
"feature_vectors": {
"character_frequencies": [
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.00045, 0.01798,
0.0, 0.03111, 0.00063, 0.00027, 0.0, 0.01336, 0.0133,
0.00128, 0.0027, 0.00655, 0.01932, 0.01917, 0.00432, 0.0045,
0.00316, 0.00245, 0.00133, 0.001029, 0.00114, 0.000869, 0.00067,
0.000759, 0.00061, 0.00483, 0.0023, 0.00185, 0.01342, 0.00196,
0.00035, 0.00092, 0.027875, 0.007465, 0.016265, 0.013995, 0.0490895,
0.00848, 0.00771, 0.00737, 0.025615, 0.001725, 0.002265, 0.017875,
0.016005, 0.02533, 0.025295, 0.014375, 0.00109, 0.02732, 0.02658,
0.037355, 0.011575, 0.00451, 0.005865, 0.003255, 0.005965, 0.00077,
0.00621, 0.00222, 0.0062, 0.0, 0.00538, 0.00122, 0.027875,
0.007465, 0.016265, 0.013995, 0.0490895, 0.00848, 0.00771, 0.00737,
0.025615, 0.001725, 0.002265, 0.017875, 0.016005, 0.02533, 0.025295,
0.014375, 0.00109, 0.02732, 0.02658, 0.037355, 0.011575, 0.00451,
0.005865, 0.003255, 0.005965, 0.00077, 0.00771, 0.002379, 0.00766,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0,
0.0, 0.0, 0.0
]
}
}