![]() #MACOS INSTALL OSQUERY SOFTWARE#In the last 30 days, when was the earliest time we saw software on our system? WHERE ua.os='Mac OS X' and uat.tag NOT IN ('all', 'compliance') JOIN upt_assets ua on uat.upt_asset_id = ua.id SELECT distinct ua.host_name, ua.os, uat.tag FROM upt_asset_tags uat Query assets with particular OS, but exclude certain tags SELECT count(upt_hostname) FROM qp_art_ec2data_q_ec2_instance_metadata WHERE upt_day=20210430 Get count of hostnames from a particular query pack on specific day WHERE upt_day >= cast(date_format(now() - interval '24' hour, '%Y%m%d') AS integer)ĪND event_time > (now() - interval '24' hour)) WHERE online_at > (Now() - interval '24' hour) Which assets are online but are not generating events? ![]() SELECT DISTINCT(upt_hostname, name, bundle_version) FROM apps WHERE lower(name) like ‘%%%%’ What hosts have this software installed on them? SELECT host_name, os, os_version, os_flavor, live as status FROM upt_assets SELECT pid, process_name, path, commandLine, state, start_time, parent_process, version_info FROM processes WHERE hostname = '' What software (with versions) are currently running on this specific host? What software is installed on a specific host? ![]() ![]() SELECT * FROM dns_lookup_events WHERE hostname = ''
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |