Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 13:37:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 91

ChromeOS privacy_preferences table (#12441)

Browse source 
## Addresses #11037 

### Implement the `privacy_preferences` table for the Fleetd Chrome
extension. Columns correspond to the available properties of
[`chrome.privacy`](https://developer.chrome.com/docs/extensions/reference/privacy/).

Chrome on mac:
<img width="816" alt="Screenshot 2023-06-23 at 11 55 21 AM"
src="https://github.com/fleetdm/fleet/assets/61553566/a4700749-6325-442e-acf2-c14b1c9adf8f">

Chromebook with enterprise access (actual use case):
![Image from
iOS](https://github.com/fleetdm/fleet/assets/61553566/93f2243d-357a-4d85-bd20-0aebd178388c)

* Chromebook w/o enterprise access: as you can see, sometimes certain
APIs are not available - this error occurs because the expected API
object that would have a `get` method is actually `undefined` TODO – How
to handle this case given that we want to let errors bubble up to the
level at which Fleet can catch them? Maybe it would be nice to catch
such errors and send them up to the Fleet layer, and still allow the
loop to continue to populate the columns whose APIs _are_ available.
_Decision: catch API errors here to preserve functionality of the
remaining columns_

![IMG_9407](https://github.com/fleetdm/fleet/assets/61553566/7fb26eb4-44e8-43f8-90c0-8b3d718c5ace)

- [x] Changes file
- [x] Manual QA

---------

Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
This commit is contained in:
Jacob Shandling 2023-06-23 14:52:16 -07:00 committed by GitHub
parent 349149ef6a
commit 2855bc8f7f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 5301 additions and 212 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
changes/11037-privacy_preferences-chromeos-table Normal file
View file

@ -0,0 +1 @@
* Implement the privacy_preferences table for the Fleetd Chrome extension

40
ee/fleetd-chrome/src/db.ts
View file

@ -1,14 +1,16 @@
import SQLiteAsyncESMFactory from "wa-sqlite/dist/wa-sqlite-async.mjs";
import * as SQLite from "wa-sqlite";
import TableOSVersion from "./tables/os_version";
import TableGeolocation from "./tables/geolocation";
import TableSystemInfo from "./tables/system_info";
import TableOsqueryInfo from "./tables/osquery_info";
import TableNetworkInterfaces from "./tables/network_interfaces";
import TableUsers from "./tables/users";
// Alphabetical order
import Table from "./tables/Table";
import TableChromeExtensions from "./tables/chrome_extensions";
import TableGeolocation from "./tables/geolocation";
import TableNetworkInterfaces from "./tables/network_interfaces";
import TableOsqueryInfo from "./tables/osquery_info";
import TableOSVersion from "./tables/os_version";
import TablePrivacyPreferences from "./tables/privacy_preferences";
import TableSystemInfo from "./tables/system_info";
import TableUsers from "./tables/users";
export default class VirtualDatabase {
sqlite3: SQLiteAPI;
@ -18,21 +20,27 @@ export default class VirtualDatabase {
this.sqlite3 = sqlite3;
this.db = db;
VirtualDatabase.register(sqlite3, db, new TableOSVersion(sqlite3, db));
VirtualDatabase.register(sqlite3, db, new TableGeolocation(sqlite3, db));
VirtualDatabase.register(sqlite3, db, new TableSystemInfo(sqlite3, db));
VirtualDatabase.register(sqlite3, db, new TableOsqueryInfo(sqlite3, db));
VirtualDatabase.register(
sqlite3,
db,
new TableNetworkInterfaces(sqlite3, db)
);
VirtualDatabase.register(sqlite3, db, new TableUsers(sqlite3, db));
// Alphabetical order
VirtualDatabase.register(
sqlite3,
db,
new TableChromeExtensions(sqlite3, db)
);
VirtualDatabase.register(sqlite3, db, new TableGeolocation(sqlite3, db));
VirtualDatabase.register(
sqlite3,
db,
new TableNetworkInterfaces(sqlite3, db)
);
VirtualDatabase.register(sqlite3, db, new TableSystemInfo(sqlite3, db));
VirtualDatabase.register(
sqlite3,
db,
new TablePrivacyPreferences(sqlite3, db)
);
VirtualDatabase.register(sqlite3, db, new TableOSVersion(sqlite3, db));
VirtualDatabase.register(sqlite3, db, new TableOsqueryInfo(sqlite3, db));
VirtualDatabase.register(sqlite3, db, new TableUsers(sqlite3, db));
}
public static async init(): Promise<VirtualDatabase> {

97
ee/fleetd-chrome/src/tables/privacy_preferences.ts Normal file
View file

@ -0,0 +1,97 @@
import Table from "./Table";
export default class TablePrivacyPreferences extends Table {
// expose properties available from the chrome.privacy API as a virtual osquery "table"
// https://developer.chrome.com/docs/extensions/reference/privacy/
name = "privacy_preferences";
propertyAPIs = {
// all of type `types.ChromeSetting<boolean>` with default `true` unless otherwise specified
// though all of these properties are documented, some have not been added to the
// typings we are using: https://www.npmjs.com/package/@types/chrome and must be `@ts-ignore`d
// network
network_prediction_enabled: chrome.privacy.network.networkPredictionEnabled,
// type `types.ChromeSetting<IPHandlingPolicy>`, default "default"
// IPHandlingPolicy:
// "default" | "default_public_and_private_interfaces" |
// "default_public_interface_only" | "disable_non_proxied_udp"
web_rtc_ip_handling_policy: chrome.privacy.network.webRTCIPHandlingPolicy,
// services
autofill_address_enabled: chrome.privacy.services.autofillAddressEnabled,
autofill_credit_card_enabled:
chrome.privacy.services.autofillCreditCardEnabled,
// DEPRECATED and replaced with above two properties
autofill_enabled: chrome.privacy.services.autofillEnabled,
save_passwords_enabled: chrome.privacy.services.passwordSavingEnabled,
safe_browsing_enabled: chrome.privacy.services.safeBrowsingEnabled,
// default false
safe_browsing_extended_reporting_enabled:
chrome.privacy.services.safeBrowsingExtendedReportingEnabled,
search_suggest_enabled: chrome.privacy.services.searchSuggestEnabled,
// default false
spelling_service_enabled: chrome.privacy.services.spellingServiceEnabled,
translation_service_enabled:
chrome.privacy.services.translationServiceEnabled,
// websites
// @ts-ignore
ad_measurement_enabled: chrome.privacy.websites.adMeasurementEnabled,
// default false
do_not_track_enabled: chrome.privacy.websites.doNotTrackEnabled,
// @ts-ignore
fledge_enabled: chrome.privacy.websites.fledgeEnabled,
hyperlink_auditing_enabled:
chrome.privacy.websites.hyperlinkAuditingEnabled,
// @ts-ignore, DEPRECATED
privacy_sandbox_enabled: chrome.privacy.websites.privacySandboxEnabled,
protected_content_enabled: chrome.privacy.websites.protectedContentEnabled,
referrers_enabled: chrome.privacy.websites.referrersEnabled,
third_party_cookies_allowed:
chrome.privacy.websites.thirdPartyCookiesAllowed,
// @ts-ignore
topics_enabled: chrome.privacy.websites.topicsEnabled,
};
columns = Object.keys(this.propertyAPIs);
async generate() {
const results = []; // Promise<{string: number | string}>[]
const errors = [];
for (const [property, propertyAPI] of Object.entries(this.propertyAPIs)) {
results.push(
new Promise((resolve) => {
try {
propertyAPI.get({}, (details) => {
if (property === "web_rtc_ip_handling_policy") {
resolve({ [property]: details.value });
} else {
// convert bool response to binary flag
if (details.value === true) {
resolve({ [property]: 1 });
} else {
resolve({ [property]: 0 });
}
}
});
} catch (error) {
errors.push({ [property]: error });
resolve({ [property]: null });
}
})
);
}
// wait for each API to call to resolve
const columns = await Promise.all(results);
errors.length > 0 &&
console.log("Caught errors in chrome API calls: ", errors);
return [
columns.reduce((resultRow, column) => {
return { ...resultRow, ...column };
}, {}),
];
}
}

4737
ee/fleetd-chrome/yarn.lock Normal file
View file

File diff suppressed because it is too large Load diff

1
package.json
View file

@ -95,6 +95,7 @@
"@testing-library/react": "12.1.4",
"@testing-library/user-event": "14.4.3",
"@tsconfig/recommended": "1.0.1",
"@types/chrome": "0.0.237",
"@types/classnames": "0.0.32",
"@types/cypress": "1.1.3",
"@types/expect": "1.20.3",

525
schema/osquery_fleet_schema.json
View file

@ -27820,6 +27820,34 @@
"url": "https://fleetdm.com/tables/dscl",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/dscl.yml"
},
{
"name": "file_lines",
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).",
"description": "Allows reading an arbitrary file.",
"platforms": [
"darwin",
"windows",
"linux"
],
"evented": false,
"examples": "Output the content of `/etc/hosts` line by line. \n```\nSELECT * FROM file_lines WHERE path='/etc/hosts';\n```",
"columns": [
{
"name": "path",
"description": "Path of the file to read.",
"required": true,
"type": "text"
},
{
"name": "line",
"description": "Output of the file, line by line.",
"required": false,
"type": "text"
}
],
"url": "https://fleetdm.com/tables/file_lines",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/file_lines.yml"
},
{
"name": "filevault_prk",
"platforms": [
@ -27865,34 +27893,6 @@
"url": "https://fleetdm.com/tables/filevault_users",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/filevault_users.yml"
},
{
"name": "file_lines",
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).",
"description": "Allows reading an arbitrary file.",
"platforms": [
"darwin",
"windows",
"linux"
],
"evented": false,
"examples": "Output the content of `/etc/hosts` line by line. \n```\nSELECT * FROM file_lines WHERE path='/etc/hosts';\n```",
"columns": [
{
"name": "path",
"description": "Path of the file to read.",
"required": true,
"type": "text"
},
{
"name": "line",
"description": "Output of the file, line by line.",
"required": false,
"type": "text"
}
],
"url": "https://fleetdm.com/tables/file_lines",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/file_lines.yml"
},
{
"name": "firmware_eficheck_integrity_check",
"platforms": [
@ -27918,42 +27918,6 @@
"url": "https://fleetdm.com/tables/firmware_eficheck_integrity_check",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/firmware_eficheck_integrity_check.yml"
},
{
"name": "geolocation",
"evented": false,
"platforms": [
"chrome"
],
"description": "Last reported geolocation",
"columns": [
{
"name": "ip",
"type": "text",
"required": false,
"description": "IP address"
},
{
"name": "city",
"type": "text",
"required": false,
"description": "City"
},
{
"name": "country",
"type": "text",
"required": false,
"description": "Country"
},
{
"name": "region",
"type": "text",
"required": false,
"description": "Region"
}
],
"url": "https://fleetdm.com/tables/geolocation",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/geolocation.yml"
},
{
"name": "google_chrome_profiles",
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).",
@ -27994,6 +27958,42 @@
"url": "https://fleetdm.com/tables/google_chrome_profiles",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/google_chrome_profiles.yml"
},
{
"name": "geolocation",
"evented": false,
"platforms": [
"chrome"
],
"description": "Last reported geolocation",
"columns": [
{
"name": "ip",
"type": "text",
"required": false,
"description": "IP address"
},
{
"name": "city",
"type": "text",
"required": false,
"description": "City"
},
{
"name": "country",
"type": "text",
"required": false,
"description": "Country"
},
{
"name": "region",
"type": "text",
"required": false,
"description": "Region"
}
],
"url": "https://fleetdm.com/tables/geolocation",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/geolocation.yml"
},
{
"name": "icloud_private_relay",
"platforms": [
@ -28129,6 +28129,43 @@
"url": "https://fleetdm.com/tables/macadmins_unified_log",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/macadmins_unified_log.yml"
},
{
"name": "macos_rsr",
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).",
"description": "Returns information about installed Rapid Security Responses (RSRs).",
"platforms": [
"darwin"
],
"evented": false,
"columns": [
{
"name": "full_macos_version",
"description": "Full macOS version string (including the RSR suffix)",
"required": false,
"type": "text"
},
{
"name": "macos_version",
"description": "The macOS version string (excluding the RSR suffix)",
"required": false,
"type": "text"
},
{
"name": "rsr_supported",
"description": "Whether this macOS version supports RSRs (>= 13). Possible values are 'true' or 'false'.",
"required": false,
"type": "text"
},
{
"name": "rsr_version",
"description": "RSR version string suffix (with parenthesis included)",
"required": false,
"type": "text"
}
],
"url": "https://fleetdm.com/tables/macos_rsr",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/macos_rsr.yml"
},
{
"name": "macos_profiles",
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).",
@ -28191,43 +28228,6 @@
"url": "https://fleetdm.com/tables/macos_profiles",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/macos_profiles.yml"
},
{
"name": "macos_rsr",
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).",
"description": "Returns information about installed Rapid Security Responses (RSRs).",
"platforms": [
"darwin"
],
"evented": false,
"columns": [
{
"name": "full_macos_version",
"description": "Full macOS version string (including the RSR suffix)",
"required": false,
"type": "text"
},
{
"name": "macos_version",
"description": "The macOS version string (excluding the RSR suffix)",
"required": false,
"type": "text"
},
{
"name": "rsr_supported",
"description": "Whether this macOS version supports RSRs (>= 13). Possible values are 'true' or 'false'.",
"required": false,
"type": "text"
},
{
"name": "rsr_version",
"description": "RSR version string suffix (with parenthesis included)",
"required": false,
"type": "text"
}
],
"url": "https://fleetdm.com/tables/macos_rsr",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/macos_rsr.yml"
},
{
"name": "mdm",
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).<p> Code based on work by [Kolide](https://github.com/kolide/launcher). <p> Due to changes in macOS 12.3, the output of `profiles show -type enrollment` can only be generated once a day. If you are running this command with another tool, you should set the `PROFILES_SHOW_ENROLLMENT_CACHE_PATH` environment variable to the path you are caching this. The cache file should be `json` with the keys `dep_capable` and `rate_limited present`, both booleans representing whether the device is capable of DEP enrollment and whether the response from `profiles show -type enrollment` is being rate limited or not.",
@ -28320,49 +28320,6 @@
"url": "https://fleetdm.com/tables/mdm",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/mdm.yml"
},
{
"name": "mdm_bridge",
"platforms": [
"windows"
],
"description": "Allows querying MDM enrolled devices using \"get\" commands.",
"columns": [
{
"name": "enrollment_status",
"type": "text",
"required": false,
"description": "Contains the enrollment status of the device, possible values are \"device_enrolled\" and \"device_unenrolled\"."
},
{
"name": "enrolled_user",
"type": "text",
"required": false,
"description": "Contains the enrollment URI of the device."
},
{
"name": "mdm_command_input",
"type": "text",
"required": false,
"description": "The \"get\" command to execute on the device. If empty, no command is executed and the \"enrollment_status\" and \"enrolled_user\" columns are returned."
},
{
"name": "mdm_command_output",
"type": "text",
"required": false,
"description": "Value of the \"Results\" field of the MDM command output."
},
{
"name": "raw_mdm_command_output",
"type": "text",
"required": false,
"description": "The full raw output of the MDM command execution."
}
],
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).",
"evented": false,
"url": "https://fleetdm.com/tables/mdm_bridge",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/mdm_bridge.yml"
},
{
"name": "munki_info",
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).<p> Code based on work by [Kolide](https://github.com/kolide/launcher).",
@ -28500,6 +28457,49 @@
"url": "https://fleetdm.com/tables/network_interfaces",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/network_interfaces.yml"
},
{
"name": "mdm_bridge",
"platforms": [
"windows"
],
"description": "Allows querying MDM enrolled devices using \"get\" commands.",
"columns": [
{
"name": "enrollment_status",
"type": "text",
"required": false,
"description": "Contains the enrollment status of the device, possible values are \"device_enrolled\" and \"device_unenrolled\"."
},
{
"name": "enrolled_user",
"type": "text",
"required": false,
"description": "Contains the enrollment URI of the device."
},
{
"name": "mdm_command_input",
"type": "text",
"required": false,
"description": "The \"get\" command to execute on the device. If empty, no command is executed and the \"enrollment_status\" and \"enrolled_user\" columns are returned."
},
{
"name": "mdm_command_output",
"type": "text",
"required": false,
"description": "Value of the \"Results\" field of the MDM command output."
},
{
"name": "raw_mdm_command_output",
"type": "text",
"required": false,
"description": "The full raw output of the MDM command execution."
}
],
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).",
"evented": false,
"url": "https://fleetdm.com/tables/mdm_bridge",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/mdm_bridge.yml"
},
{
"name": "nvram_info",
"platforms": [
@ -28601,6 +28601,139 @@
"url": "https://fleetdm.com/tables/pmset",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/pmset.yml"
},
{
"name": "privacy_preferences",
"notes": "This table is not a core osquery table. It is included as part of the Fleetd Chrome extension.",
"description": "Information on Chrome features that can affect a user's privacy, available from the [chrome.privacy APIs](https://developer.chrome.com/docs/extensions/reference/privacy/)",
"platforms": [
"chrome"
],
"evented": false,
"columns": [
{
"name": "network_prediction_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "web_rtc_ip_handling_policy",
"description": "One of \"default\", \"default_public_and_private_interfaces\", \"default_public_interface_only\", or \"disable_non_proxied_udp\"",
"required": false,
"type": "text"
},
{
"name": "autofill_address_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "autofill_credit_card_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "autofill_enabled",
"description": "1 if enabled else 0 - * Deprecated since Chrome 70, please use privacy.services.autofillAddressEnabled and privacy.services.autofillCreditCardEnabled. This currently remains for backward compatibility and will be removed in the future.",
"required": false,
"type": "integer"
},
{
"name": "save_passwords_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "safe_browsing_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "safe_browsing_extended_reporting_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "search_suggest_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "spelling_service_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "translation_service_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "ad_measurement_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "do_not_track_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "fledge_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "hyperlink_auditing_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "privacy_sandbox_enabled",
"description": "1 if enabled else 0 - * Deprecated since Chrome 111, see notes in the [https://developer.chrome.com/docs/extensions/reference/privacy/#property-websites-privacySandboxEnabled](Chrome extensions API docs)",
"required": false,
"type": "integer"
},
{
"name": "protected_content_enabled",
"description": "1 if enabled else 0 - * Windows and ChromeOS only",
"required": false,
"type": "integer"
},
{
"name": "referrers_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "third_party_cookies_allowed",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
},
{
"name": "topics_enabled",
"description": "1 if enabled else 0",
"required": false,
"type": "integer"
}
],
"url": "https://fleetdm.com/tables/privacy_preferences",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/privacy_preferences.yml"
},
{
"name": "puppet_info",
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).",
@ -28719,58 +28852,6 @@
"url": "https://fleetdm.com/tables/puppet_info",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/puppet_info.yml"
},
{
"name": "puppet_logs",
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).",
"description": "Outputs [Puppet](https://puppet.com/) logs from the last run.",
"platforms": [
"darwin",
"windows",
"linux"
],
"evented": false,
"examples": "List Puppet logs that are of a level of anything but informational.\n```\nSELECT * FROM puppet_logs WHERE level!='info';\n```",
"columns": [
{
"name": "level",
"description": "The level of the log item (info, error, etc).",
"required": false,
"type": "text"
},
{
"name": "message",
"description": "The log message content.",
"required": false,
"type": "text"
},
{
"name": "source",
"description": "The source of the log item.",
"required": false,
"type": "text"
},
{
"name": "time",
"description": "The time at which this item was logged.",
"required": false,
"type": "text"
},
{
"name": "file",
"description": "The file from which osquery read this log.",
"required": false,
"type": "text"
},
{
"name": "line",
"description": "The line from which this log item was read.",
"required": false,
"type": "text"
}
],
"url": "https://fleetdm.com/tables/puppet_logs",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/puppet_logs.yml"
},
{
"name": "puppet_state",
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).",
@ -28865,6 +28946,58 @@
"url": "https://fleetdm.com/tables/puppet_state",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/puppet_state.yml"
},
{
"name": "puppet_logs",
"notes": "This table is not a core osquery table. It is included as part of [Fleetd](https://fleetdm.com/docs/using-fleet/orbit), the osquery manager from Fleet. Fleetd can be built with [fleetctl](https://fleetdm.com/docs/using-fleet/adding-hosts#osquery-installer).",
"description": "Outputs [Puppet](https://puppet.com/) logs from the last run.",
"platforms": [
"darwin",
"windows",
"linux"
],
"evented": false,
"examples": "List Puppet logs that are of a level of anything but informational.\n```\nSELECT * FROM puppet_logs WHERE level!='info';\n```",
"columns": [
{
"name": "level",
"description": "The level of the log item (info, error, etc).",
"required": false,
"type": "text"
},
{
"name": "message",
"description": "The log message content.",
"required": false,
"type": "text"
},
{
"name": "source",
"description": "The source of the log item.",
"required": false,
"type": "text"
},
{
"name": "time",
"description": "The time at which this item was logged.",
"required": false,
"type": "text"
},
{
"name": "file",
"description": "The file from which osquery read this log.",
"required": false,
"type": "text"
},
{
"name": "line",
"description": "The line from which this log item was read.",
"required": false,
"type": "text"
}
],
"url": "https://fleetdm.com/tables/puppet_logs",
"fleetRepoUrl": "https://github.com/fleetdm/fleet/blob/main/schema/tables/puppet_logs.yml"
},
{
"name": "pwd_policy",
"platforms": [

87
schema/tables/privacy_preferences.yml Normal file
View file

@ -0,0 +1,87 @@
name: privacy_preferences
notes: This table is not a core osquery table. It is included as part of the Fleetd Chrome extension.
description: Information on Chrome features that can affect a user's privacy, available from the [chrome.privacy APIs](https://developer.chrome.com/docs/extensions/reference/privacy/)
platforms:
- chrome
evented: false
columns:
- name: network_prediction_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: web_rtc_ip_handling_policy
description: One of "default", "default_public_and_private_interfaces", "default_public_interface_only", or "disable_non_proxied_udp"
required: false
type: text
- name: autofill_address_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: autofill_credit_card_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: autofill_enabled
description: 1 if enabled else 0 - * Deprecated since Chrome 70, please use privacy.services.autofillAddressEnabled and privacy.services.autofillCreditCardEnabled. This currently remains for backward compatibility and will be removed in the future.
required: false
type: integer
- name: save_passwords_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: safe_browsing_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: safe_browsing_extended_reporting_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: search_suggest_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: spelling_service_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: translation_service_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: ad_measurement_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: do_not_track_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: fledge_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: hyperlink_auditing_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: privacy_sandbox_enabled
description: 1 if enabled else 0 - * Deprecated since Chrome 111, see https://developer.chrome.com/docs/extensions/reference/privacy/#property-websites-privacySandboxEnabled
required: false
type: integer
- name: protected_content_enabled
description: 1 if enabled else 0 - * Windows and ChromeOS only
required: false
type: integer
- name: referrers_enabled
description: 1 if enabled else 0
required: false
type: integer
- name: third_party_cookies_allowed
description: 1 if enabled else 0
required: false
type: integer
- name: topics_enabled
description: 1 if enabled else 0
required: false
type: integer

25
yarn.lock
View file

@ -3292,6 +3292,14 @@
"@types/connect" "*"
"@types/node" "*"
"@types/chrome@0.0.237":
version "0.0.237"
resolved "https://registry.yarnpkg.com/@types/chrome/-/chrome-0.0.237.tgz#20a38e1d1134e2725fc7eb43c881e55e1b24ddd7"
integrity sha512-krsRmyfMlck5r+H1EapsrrucDRq6iRm0NAi5fapr93CgnpVMDdK+h2+z4x79GegdW7BNH9Vb//gkptORwwwVIQ==
dependencies:
"@types/filesystem" "*"
"@types/har-format" "*"
"@types/classnames@0.0.32":
version "0.0.32"
resolved "https://registry.npmjs.org/@types/classnames/-/classnames-0.0.32.tgz"
@ -3406,6 +3414,18 @@
resolved "https://registry.yarnpkg.com/@types/file-saver/-/file-saver-2.0.5.tgz#9ee342a5d1314bb0928375424a2f162f97c310c7"
integrity sha512-zv9kNf3keYegP5oThGLaPk8E081DFDuwfqjtiTzm6PoxChdJ1raSuADf2YGCVIyrSynLrgc8JWv296s7Q7pQSQ==
"@types/filesystem@*":
version "0.0.32"
resolved "https://registry.yarnpkg.com/@types/filesystem/-/filesystem-0.0.32.tgz#307df7cc084a2293c3c1a31151b178063e0a8edf"
integrity sha512-Yuf4jR5YYMR2DVgwuCiP11s0xuVRyPKmz8vo6HBY3CGdeMj8af93CFZX+T82+VD1+UqHOxTq31lO7MI7lepBtQ==
dependencies:
"@types/filewriter" "*"
"@types/filewriter@*":
version "0.0.29"
resolved "https://registry.yarnpkg.com/@types/filewriter/-/filewriter-0.0.29.tgz#a48795ecadf957f6c0d10e0c34af86c098fa5bee"
integrity sha512-BsPXH/irW0ht0Ji6iw/jJaK8Lj3FJemon2gvEqHKpCdDCeemHa+rI3WBGq5z7cDMZgoLjY40oninGxqk+8NzNQ==
"@types/find-cache-dir@^3.2.1":
version "3.2.1"
resolved "https://registry.yarnpkg.com/@types/find-cache-dir/-/find-cache-dir-3.2.1.tgz#7b959a4b9643a1e6a1a5fe49032693cc36773501"
@ -3426,6 +3446,11 @@
dependencies:
"@types/node" "*"
"@types/har-format@*":
version "1.2.11"
resolved "https://registry.yarnpkg.com/@types/har-format/-/har-format-1.2.11.tgz#26aff34e9c782b2648cc45778abadcd930f7db43"
integrity sha512-T232/TneofqK30AD1LRrrf8KnjLvzrjWDp7eWST5KoiSzrBfRsLrWDPk4STQPW4NZG6v2MltnduBVmakbZOBIQ==
"@types/hast@^2.0.0":
version "2.3.4"
resolved "https://registry.npmjs.org/@types/hast/-/hast-2.3.4.tgz"