mirror of
https://github.com/fleetdm/fleet
synced 2026-05-22 16:39:01 +00:00
20 lines
1.2 KiB
YAML
20 lines
1.2 KiB
YAML
name: pipes
|
|
description: |- # (required) string - The description for this table. Note: this field supports Markdown
|
|
Named pipes in Windows can be used to provide communication between processes on a computer or between processes on different computers across a network. The `pipes` osquery table lists the named pipes currently running on a Windows computer.
|
|
examples: |- # (optional) string - An example query for this table. Note: This field supports Markdown
|
|
This query displays all attributes (columns) for the named pipe enabled by opening PowerShell:
|
|
|
|
```
|
|
SELECT * FROM pipes WHERE name LIKE '%powershell';
|
|
```
|
|
notes: |- # (optional) string - Notes about this table. Note: This field supports Markdown.
|
|
Running the following command at a prompt in PowerShell lists the named pipes currently open on a Windows computer:
|
|
|
|
```
|
|
PS C:\Windows\System32> get-childitem \\.\pipe\
|
|
```
|
|
|
|
Links:
|
|
- Microsoft documentation on [named pipes](https://learn.microsoft.com/en-us/windows/win32/ipc/named-pipes)
|
|
- Discover files linked to processes with Windows [Process Explorer](https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer)
|
|
- Windows [PowerShell](https://learn.microsoft.com/en-us/powershell/scripting/overview?view=powershell-7.4)
|