Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-23 17:08:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 83

Create pipes.yml (#19638)

Browse source 
Create pipes table per #16993

---------

Co-authored-by: Eric <eashaw@sailsjs.com>
This commit is contained in:
Brock Walters 2024-06-11 11:43:54 -04:00 committed by GitHub
parent d69a4406a5
commit 6e0ef1f446
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 19 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
schema/tables/pipes.yml Normal file
View file

@ -0,0 +1,19 @@
name: pipes
description: |- # (required) string - The description for this table. Note: this field supports Markdown
Named pipes in Windows can be used to provide communication between processes on a computer or between processes on different computers across a network. The `pipes` osquery table lists the named pipes currently running on a Windows computer.
examples: |- # (optional) string - An example query for this table. Note: This field supports Markdown
This query displays all attributes (columns) for the named pipe enabled by opening PowerShell:
```
SELECT * FROM pipes WHERE name LIKE '%powershell';
```
notes: |- # (optional) string - Notes about this table. Note: This field supports Markdown.
Running the following command at a prompt in PowerShell lists the named pipes currently open on a Windows computer:
```
get-childitem \\.\pipe\
```
Links:
- Microsoft documentation on [named pipes](https://learn.microsoft.com/en-us/windows/win32/ipc/named-pipes)
- Discover files linked to processes with Windows [Process Explorer](https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer)