Initial chromeos tables (#11784)

Added initial schema for chromeos tables.
Mo Zhu 2023-05-30 19:04:29 -07:00 committed by GitHub
parent 052dcb7b50
commit 2c6a6a4649
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 371 additions and 3 deletions

@ -1,4 +1,9 @@
name: chrome_extensions
platforms:
- darwin
- windows
- linux
- chromeos
description: Installed extensions (plugins) for [Chromium-based](https://en.wikipedia.org/wiki/Chromium_(web_browser)) browsers, including [Google Chrome](https://en.wikipedia.org/wiki/Google_Chrome), [Edge](https://en.wikipedia.org/wiki/Microsoft_Edge), [Brave](https://en.wikipedia.org/wiki/Brave_(web_browser)), [Opera](https://en.wikipedia.org/wiki/Opera_(web_browser)), and [Yandex](https://en.wikipedia.org/wiki/Yandex_Browser).
examples: >-
List Chrome extensions by user and profile which have full access to HTTPS
@ -10,7 +15,104 @@ examples: >-
```
columns:
- name: browser_type
description: "The type of browser. (Valid values: `chrome`, `chromium`, `opera`, `yandex`, `brave`, `edge`, `edge_beta`)"
- name: uid
requires_user_context: true
platforms:
- darwin
- windows
- linux
- name: profile
platforms:
- darwin
- windows
- linux
- name: profile_path
platforms:
- darwin
- windows
- linux
- name: referenced_identifier
platforms:
- darwin
- windows
- linux
- name: default_locale
platforms:
- darwin
- windows
- linux
- name: current_locale
platforms:
- darwin
- windows
- linux
- name: author
platforms:
- darwin
- windows
- linux
- name: persistent
platforms:
- darwin
- windows
- linux
- name: path
type: string
description: Defaults to '' on ChromeOS
platforms:
- darwin
- windows
- linux
- chromeos
- name: optional_permissions
platforms:
- darwin
- windows
- linux
- name: optional_permissions_json
platforms:
- darwin
- windows
- linux
- name: manifest_hash
platforms:
- darwin
- windows
- linux
- name: referenced
platforms:
- darwin
- windows
- linux
- name: from_webstore
platforms:
- darwin
- windows
- linux
- name: state
type: string
platforms:
- darwin
- windows
- linux
- chromeos
- name: install_time
platforms:
- darwin
- windows
- linux
- name: install_timestamp
platforms:
- darwin
- windows
- linux
- name: manifest_json
platforms:
- darwin
- windows
- linux
- name: key
platforms:
- darwin
- windows
- linux
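
Review bot: The table's example lists extensions "by user and profile", but this column list keeps `uid` and `profile` off chromeos, so that example cannot run as written there. Add a `notes` entry (as `network_interfaces` does) saying which columns a ChromeOS host returns and which `browser_type` value it reports, since the valid-values list does not say which one applies there. Also, `path` and `state` are declared `type: string` while the new `geolocation` and `network_interfaces` files use `type: text`; pick one.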

@ -0,0 +1,22 @@
name: geolocation
evented: false
platforms:
- chromeos
description: Last reported geolocation
columns:
- name: ip
type: text
required: false
description: IP address
- name: city
type: text
required: false
description: City
- name: country
type: text
required: false
description: Country
- name: region
type: text
required: false
description: Region
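
Review bot: `description: Last reported geolocation` does not say where the location comes from, and the four columns (`ip`, `city`, `country`, `region`) are location data about the user. State the data source and any permission or policy requirement in the description or a `notes` entry, the way `network_interfaces` documents its force-install requirement, and add an `examples` block so the file matches the other tables in this commit.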

@ -0,0 +1,20 @@
name: network_interfaces
evented: false
platforms:
- chromeos
description: Uses the `chrome.enterprise.networkingAttributes` API to read information about the host's current network.
columns:
- name: mac
type: text
required: false
description: MAC address (only available to extensions force-installed by enterprise policy)
- name: ipv4
type: text
required: false
description: IPv4 address (only available to extensions force-installed by enterprise policy)
- name: ipv6
type: text
required: false
description: IPv6 address (only available to extensions force-installed by enterprise policy)
notes: >-
- Requires that the fleetd extension is force-installed by enterprise policy
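
Review bot: The force-install caveat is repeated in all three column descriptions and again in `notes`, yet none of them says what a query returns when the extension is not force-installed (no row, NULL, or an empty string). Document the fallback once in `notes`, as `path` ("Defaults to ''") and `computer_name` do elsewhere in this commit, so an empty `mac` is not mistaken for a host with no interface. The description also speaks of the host's "current network" while the table name is plural; say whether one row or one row per interface is returned.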

@ -1,4 +1,9 @@
name: os_version
platforms:
- darwin
- linux
- windows
- chromeos
examples: >-
See the OS version as well as the CPU architecture in use (X86 vs ARM for
example)
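
Review bot: `chromeos` is added to the table-level `platforms` only; unlike `osquery_info` and `system_info` in this commit, no column here gets a per-column `platforms` list, so every `os_version` column without one is documented as available on ChromeOS. Confirm that is intended, or restrict the columns the extension does not populate.
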
@ -17,4 +22,4 @@ columns:
- linux
- name: mount_namespace_id
platforms:
- linux
- linux

@ -1,4 +1,51 @@
name: osquery_info
platforms:
- darwin
- windows
- linux
- chromeos
columns:
- name: pid
platforms:
- darwin
- windows
- linux
- name: uuid
platforms:
- darwin
- windows
- linux
- name: instance_id
platforms:
- darwin
- windows
- linux
- name: config_hash
platforms:
- darwin
- windows
- linux
- name: config_valid
platforms:
- darwin
- windows
- linux
- name: start_time
platforms:
- darwin
- windows
- linux
- name: watcher
platforms:
- darwin
- windows
- linux
- name: platform_mask
platforms:
- darwin
- windows
- linux
examples: >-
See the version of the currently running osquery.
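
Review bot: With `pid`, `uuid`, `instance_id`, `config_hash`, `config_valid`, `start_time`, `watcher` and `platform_mask` all limited to darwin, windows and linux, the file never says what the remaining columns mean on chromeos, where the agent is the fleetd extension (per the `network_interfaces` notes) rather than osquery. Add a `description` or `notes` line for ChromeOS, and have the example "See the version of the currently running osquery" say what version is reported there.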

@ -1,4 +1,122 @@
name: system_info
platforms:
- windows
- darwin
- linux
- chromeos
columns:
- name: cpu_subtype
platforms:
- darwin
- windows
- linux
- name: cpu_physical_cores
platforms:
- darwin
- windows
- linux
- name: cpu_logical_cores
platforms:
- darwin
- windows
- linux
- name: cpu_microcode
platforms:
- darwin
- windows
- linux
- name: hardware_version
platforms:
- darwin
- windows
- linux
- name: board_vendor
platforms:
- darwin
- windows
- linux
- name: board_model
platforms:
- darwin
- windows
- linux
- name: board_version
platforms:
- darwin
- windows
- linux
- name: board_serial
platforms:
- darwin
- windows
- linux
- name: local_hostname
platforms:
- darwin
- windows
- linux
- name: hostname
type: string
description: For ChromeOS, this is only available if the extension was force-installed by an enterprise policy
platforms:
- darwin
- windows
- linux
- chromeos
- name: computer_name
type: string
description: For ChromeOS, if the extension wasn't force-installed by an enterprise policy this will default to 'ChromeOS' only
platforms:
- darwin
- windows
- linux
- chromeos
- name: hardware_serial
type: string
description: The device's serial number (For chromeos, this is only available if the extension was force-installed by an enterprise policy)
platforms:
- darwin
- windows
- linux
- chromeos
- name: hardware_vendor
type: string
description: For ChromeOS, this is only available if the extension was force-installed by an enterprise policy
platforms:
- darwin
- windows
- linux
- chromeos
- name: hardware_model
type: string
description: For ChromeOS, this is only available if the extension was force-installed by an enterprise policy
platforms:
- darwin
- windows
- linux
- chromeos
- name: cpu_brand
type: string
platforms:
- darwin
- windows
- linux
- chromeos
- name: cpu_type
type: string
platforms:
- darwin
- windows
- linux
- chromeos
- name: physical_memory
type: string
platforms:
- darwin
- windows
- linux
- chromeos
examples: >-
See the CPU architecture of a machine as well as who made it and what its
serial number is.
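
Review bot: The `description` values for `hostname`, `hardware_vendor` and `hardware_model` contain only the ChromeOS caveat, so the column's general meaning is missing for darwin, windows and linux readers; follow the `hardware_serial` pattern (general description first, caveat in parentheses). Only `computer_name` states its fallback ('ChromeOS'); give the fallback for the other four policy-gated columns too, since hosts that all report `computer_name` 'ChromeOS' need another column to be told apart. Spelling is also mixed: `chromeos` in the `hardware_serial` description, `ChromeOS` elsewhere.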

@ -1,4 +1,9 @@
name: users
platforms:
- darwin
- windows
- linux
- chromeos
examples: >-
List users that have interactive access via a shell that isn't false.
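
Review bot: The example filters on `shell`, but the column list later in this file keeps `shell` (along with `directory` and `gid`) off chromeos, so the example does not apply to the platform added here. Either mark the example as not applicable to ChromeOS or add one that uses the columns available there (`uuid`, `email`, `username`).
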
@ -8,6 +13,48 @@ examples: >-
```
columns:
- name: gid
platforms:
- darwin
- windows
- linux
- name: uid_signed
platforms:
- darwin
- windows
- linux
- name: gid_signed
platforms:
- darwin
- windows
- linux
- name: description
platforms:
- darwin
- windows
- linux
- name: directory
platforms:
- darwin
- windows
- linux
- name: shell
platforms:
- darwin
- windows
- linux
- name: uuid
platforms:
- darwin
- windows
- linux
- chromeos
- name: email
required: false
type: string
description: Email
platforms:
- chromeos
- name: type
platforms:
- windows
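
Review bot: `email` is a new chromeos-only column holding personal data, and `description: Email` does not say whose address it is or whether it depends on the force-install policy that gates `hostname` and `hardware_serial` in `system_info`. Expand the description, and align `type: string` with the `type: text` used in the new `geolocation` and `network_interfaces` files.
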
@ -17,3 +64,10 @@ columns:
- name: pid_with_namespace
platforms:
- linux
- name: username
description: Username
platforms:
- darwin
- windows
- linux
- chromeos