forked from osquery/osquery-python
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfoobar_config.ext
executable file
·41 lines (37 loc) · 1.16 KB
/
foobar_config.ext
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#!/usr/bin/env python
"""This source code is licensed under the BSD-style license found in the
LICENSE file in the root directory of this source tree. An additional grant
of patent rights can be found in the PATENTS file in the same directory.
"""
import osquery
import json
@osquery.register_plugin
class FoobarConfigPlugin(osquery.ConfigPlugin):
"""Example config plugin"""
def name(self):
return "foobar"
def content(self):
return [
{
"source_one": json.dumps({
"schedule": {
"time_1": {
"query": "select * from time",
"interval": 1,
},
},
}),
"source_two": json.dumps({
"schedule": {
"time_2": {
"query": "select * from time",
"interval": 2,
},
},
}),
}
]
if __name__ == "__main__":
osquery.start_extension(
name="foobar_config",
version="1.0.0",)