List resources used by osquery executable

0
osquery_cpu_resources

Description: Track the amount of CPU time used by osquery.

SQL: 

SELECT ov.version AS os_version, ov.platform AS os_platform, 
ov.codename AS os_codename, i.*, 
p.resident_size, p.user_time, p.system_time, 
time.minutes AS counter, db.db_size_mb AS database_size 
FROM osquery_info i, os_version ov, processes p, time, 
(SELECT (sum(size) / 1024) / 1024.0 AS db_size_mb FROM 
(SELECT value FROM osquery_flags 
WHERE name = 'database_path' LIMIT 1) flags, file 
WHERE path LIKE flags.value || '%%' AND type = 'regular') db 
WHERE p.pid = i.pid;

Operating Systems: Windows, Linux, Apple, FreeBSD

Reference:

Leave a Reply 0

Your email address will not be published. Required fields are marked *