salt.modules.osquery

Support for OSQuery - https://osquery.io.

salt.modules.osquery.acpi_tables(attrs=None, where=None)

Return acpi_tables information from osquery

CLI Example:

salt '*' osquery.acpi_tables

salt.modules.osquery.alf(attrs=None, where=None)

Return alf information from osquery

CLI Example:

salt '*' osquery.alf

salt.modules.osquery.alf_exceptions(attrs=None, where=None)

Return alf_exceptions information from osquery

CLI Example:

salt '*' osquery.alf_exceptions

salt.modules.osquery.alf_explicit_auths(attrs=None, where=None)

Return alf_explicit_auths information from osquery

CLI Example:

salt '*' osquery.alf_explicit_auths

salt.modules.osquery.alf_services(attrs=None, where=None)

Return alf_services information from osquery

CLI Example:

salt '*' osquery.alf_services

salt.modules.osquery.apps(attrs=None, where=None)

Return apps information from osquery

CLI Example:

salt '*' osquery.apps

salt.modules.osquery.apt_sources(attrs=None, where=None)

Return apt_sources information from osquery

CLI Example:

salt '*' osquery.apt_sources

salt.modules.osquery.arp_cache(attrs=None, where=None)

Return arp_cache information from osquery

CLI Example:

salt '*' osquery.arp_cache

salt.modules.osquery.block_devices(attrs=None, where=None)

Return block_devices information from osquery

CLI Example:

salt '*' osquery.block_devices

salt.modules.osquery.certificates(attrs=None, where=None)

Return certificates information from osquery

CLI Example:

salt '*' osquery.certificates

salt.modules.osquery.chrome_extensions(attrs=None, where=None)

Return chrome_extensions information from osquery

CLI Example:

salt '*' osquery.chrome_extensions

salt.modules.osquery.cpuid(attrs=None, where=None)

Return cpuid information from osquery

CLI Example:

salt '*' osquery.cpuid

salt.modules.osquery.crontab(attrs=None, where=None)

Return crontab information from osquery

CLI Example:

salt '*' osquery.crontab

salt.modules.osquery.deb_packages(attrs=None, where=None)

Return deb_packages information from osquery

CLI Example:

salt '*' osquery.deb_packages

salt.modules.osquery.etc_hosts(attrs=None, where=None)

Return etc_hosts information from osquery

CLI Example:

salt '*' osquery.etc_hosts

salt.modules.osquery.etc_services(attrs=None, where=None)

Return etc_services information from osquery

CLI Example:

salt '*' osquery.etc_services

salt.modules.osquery.file_(attrs=None, where=None)

Return file information from osquery

CLI Example:

salt '*' osquery.file

salt.modules.osquery.file_changes(attrs=None, where=None)

Return file_changes information from osquery

CLI Example:

salt '*' osquery.file_changes

salt.modules.osquery.firefox_addons(attrs=None, where=None)

Return firefox_addons information from osquery

CLI Example:

salt '*' osquery.firefox_addons

salt.modules.osquery.groups(attrs=None, where=None)

Return groups information from osquery

CLI Example:

salt '*' osquery.groups

salt.modules.osquery.hardware_events(attrs=None, where=None)

Return hardware_events information from osquery

CLI Example:

salt '*' osquery.hardware_events

salt.modules.osquery.hash_(attrs=None, where=None)

Return hash information from osquery

CLI Example:

salt '*' osquery.hash

salt.modules.osquery.homebrew_packages(attrs=None, where=None)

Return homebrew_packages information from osquery

CLI Example:

salt '*' osquery.homebrew_packages

salt.modules.osquery.interface_addresses(attrs=None, where=None)

Return interface_addresses information from osquery

CLI Example:

salt '*' osquery.interface_addresses

salt.modules.osquery.interface_details(attrs=None, where=None)

Return interface_details information from osquery

CLI Example:

salt '*' osquery.interface_details

salt.modules.osquery.iokit_devicetree(attrs=None, where=None)

Return iokit_devicetree information from osquery

CLI Example:

salt '*' osquery.iokit_devicetree

salt.modules.osquery.iokit_registry(attrs=None, where=None)

Return iokit_registry information from osquery

CLI Example:

salt '*' osquery.iokit_registry

salt.modules.osquery.kernel_extensions(attrs=None, where=None)

Return kernel_extensions information from osquery

CLI Example:

salt '*' osquery.kernel_extensions

salt.modules.osquery.kernel_info(attrs=None, where=None)

Return kernel_info information from osquery

CLI Example:

salt '*' osquery.kernel_info

salt.modules.osquery.kernel_integrity(attrs=None, where=None)

Return kernel_integrity information from osquery

CLI Example:

salt '*' osquery.kernel_integrity

salt.modules.osquery.kernel_modules(attrs=None, where=None)

Return kernel_modules information from osquery

CLI Example:

salt '*' osquery.kernel_modules

salt.modules.osquery.keychain_items(attrs=None, where=None)

Return keychain_items information from osquery

CLI Example:

salt '*' osquery.keychain_items

salt.modules.osquery.last(attrs=None, where=None)

Return last information from osquery

CLI Example:

salt '*' osquery.last

salt.modules.osquery.launchd(attrs=None, where=None)

Return launchd information from osquery

CLI Example:

salt '*' osquery.launchd

salt.modules.osquery.listening_ports(attrs=None, where=None)

Return listening_ports information from osquery

CLI Example:

salt '*' osquery.listening_ports

salt.modules.osquery.logged_in_users(attrs=None, where=None)

Return logged_in_users information from osquery

CLI Example:

salt '*' osquery.logged_in_users

salt.modules.osquery.memory_map(attrs=None, where=None)

Return memory_map information from osquery

CLI Example:

salt '*' osquery.memory_map

salt.modules.osquery.mounts(attrs=None, where=None)

Return mounts information from osquery

CLI Example:

salt '*' osquery.mounts

salt.modules.osquery.nfs_shares(attrs=None, where=None)

Return nfs_shares information from osquery

CLI Example:

salt '*' osquery.nfs_shares

salt.modules.osquery.nvram(attrs=None, where=None)

Return nvram information from osquery

CLI Example:

salt '*' osquery.nvram

salt.modules.osquery.os_version(attrs=None, where=None)

Return os_version information from osquery

CLI Example:

salt '*' osquery.os_version

salt.modules.osquery.osquery_extensions(attrs=None, where=None)

Return osquery_extensions information from osquery

CLI Example:

salt '*' osquery.osquery_extensions

salt.modules.osquery.osquery_flags(attrs=None, where=None)

Return osquery_flags information from osquery

CLI Example:

salt '*' osquery.osquery_flags

salt.modules.osquery.osquery_info(attrs=None, where=None)

Return osquery_info information from osquery

CLI Example:

salt '*' osquery.osquery_info

salt.modules.osquery.osquery_registry(attrs=None, where=None)

Return osquery_registry information from osquery

CLI Example:

salt '*' osquery.osquery_registry

salt.modules.osquery.passwd_changes(attrs=None, where=None)

Return passwd_changes information from osquery

CLI Example:

salt '*' osquery.passwd_changes

salt.modules.osquery.pci_devices(attrs=None, where=None)

Return pci_devices information from osquery

CLI Example:

salt '*' osquery.pci_devices

salt.modules.osquery.preferences(attrs=None, where=None)

Return preferences information from osquery

CLI Example:

salt '*' osquery.preferences

salt.modules.osquery.process_envs(attrs=None, where=None)

Return process_envs information from osquery

CLI Example:

salt '*' osquery.process_envs

salt.modules.osquery.process_memory_map(attrs=None, where=None)

Return process_memory_map information from osquery

CLI Example:

salt '*' osquery.process_memory_map

salt.modules.osquery.process_open_files(attrs=None, where=None)

Return process_open_files information from osquery

CLI Example:

salt '*' osquery.process_open_files

salt.modules.osquery.process_open_sockets(attrs=None, where=None)

Return process_open_sockets information from osquery

CLI Example:

salt '*' osquery.process_open_sockets

salt.modules.osquery.processes(attrs=None, where=None)

Return processes information from osquery

CLI Example:

salt '*' osquery.processes

salt.modules.osquery.quarantine(attrs=None, where=None)

Return quarantine information from osquery

CLI Example:

salt '*' osquery.quarantine

salt.modules.osquery.query(sql=None)

Return time information from osquery

CLI Example:

salt '*' osquery.query "select * from users;"

salt.modules.osquery.routes(attrs=None, where=None)

Return routes information from osquery

CLI Example:

salt '*' osquery.routes

salt.modules.osquery.rpm_packages(attrs=None, where=None)

Return cpuid information from osquery

CLI Example:

salt '*' osquery.rpm_packages

salt.modules.osquery.safari_extensions(attrs=None, where=None)

Return safari_extensions information from osquery

CLI Example:

salt '*' osquery.safari_extensions

salt.modules.osquery.shared_memory(attrs=None, where=None)

Return shared_memory information from osquery

CLI Example:

salt '*' osquery.shared_memory

salt.modules.osquery.shell_history(attrs=None, where=None)

Return shell_history information from osquery

CLI Example:

salt '*' osquery.shell_history

salt.modules.osquery.smbios_tables(attrs=None, where=None)

Return smbios_tables information from osquery

CLI Example:

salt '*' osquery.smbios_tables

salt.modules.osquery.startup_items(attrs=None, where=None)

Return startup_items information from osquery

CLI Example:

salt '*' osquery.startup_items

salt.modules.osquery.suid_bin(attrs=None, where=None)

Return suid_bin information from osquery

CLI Example:

salt '*' osquery.suid_bin

salt.modules.osquery.system_controls(attrs=None, where=None)

Return system_controls information from osquery

CLI Example:

salt '*' osquery.system_controls

salt.modules.osquery.time_(attrs=None)

Return time information from osquery

CLI Example:

salt '*' osquery.time

salt.modules.osquery.usb_devices(attrs=None, where=None)

Return usb_devices information from osquery

CLI Example:

salt '*' osquery.usb_devices

salt.modules.osquery.users(attrs=None, where=None)

Return users information from osquery

CLI Example:

salt '*' osquery.users

salt.modules.osquery.version()

Return version of osquery

CLI Example:

salt '*' osquery.version

salt.modules.osquery.xattr_where_from(attrs=None, where=None)

Return xattr_where_from information from osquery

CLI Example:

salt '*' osquery.xattr_where_from

salt.modules.osquery.xprotect_entries(attrs=None, where=None)

Return xprotect_entries information from osquery

CLI Example:

salt '*' osquery.xprotect_entries

salt.modules.osquery.xprotect_reports(attrs=None, where=None)

Return xprotect_reports information from osquery

CLI Example:

salt '*' osquery.xprotect_reports