Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-21 16:08:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 100
fleet/schema/tables/package_bom.yml
Brock Walters b45dbdc58e
Update package_bom.yml (#19634) 
Updates to the package_bom table per #16993
2024-06-11 11:13:23 -04:00

12 lines
884 B
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

name: package_bom
description: The "bill of materials" (`.bom`) file in a macOS installer package (`.pkg`) lists all files installed by the package. The `package_bom` osquery table collects the data from the `.bom` files created in `/private/var/db/receipts` by macOS when a `.pkg` file is executed.
examples: |-
This query collects the filepath and time of installation for the libVFXCore.dylib (Dynamic Library) file installed as part of Xcode.app:
```
SELECT filepath,modified_time FROM package_bom WHERE path='/private/var/db/receipts/com.apple.pkg.Xcode.bom' AND filepath LIKE '%libVFXCore.dylib';
```
notes: |-
Keeping track of files installed by applications is critical for upholding software management best security practices.
Apples [installer package documentation](https://developer.apple.com/documentation/xcode/packaging-mac-software-for-distribution)
Reference in a new issue View git blame Copy permalink