You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Note that if you receive an error on the above, TCC.db is a protected file and requires Full Disk Access. You may be required to add this to `Terminal` (or `iTerm`, or any other terminal emulator) in order to allow `sqlite3` and `osqueryi` to open this file.
The SQLite shell might feel familiar if you're used to `osqueryi`. That's because osquery uses syntax derived from SQLite for queries.
Let's see what tables exist in our local SQLite database.
Expand DownExpand Up
@@ -618,6 +620,8 @@ Open a text editor and create a file named `atc_tables.json` using the columns,
You can test this locally before deploying to your fleet and add more columns as necessary: `/usr/local/bin/osqueryi --verbose --config_path atc_tables.json`
