https://github.com/osquery/osquery logo
Join Slack
Powered by
It looks like a Thrift extension socket exists: ``...
# general
t
It looks like a Thrift extension socket exists:
Copy code
osquery> select name,value from osquery_flags where name = "extensions_socket";
+-------------------+-------------------------+
| name              | value                   |
+-------------------+-------------------------+
| extensions_socket | /root/.osquery/shell.em |
+-------------------+-------------------------+
It looks like extensions are enabled:
Copy code
osquery> select name, value from osquery_flags where name like '%ext%';
+----------------------------+------------------------------+
| name                       | value                        |
+----------------------------+------------------------------+
| disable_extensions         | false                        |
| enable_extensions_watchdog | false                        |
| extension                  |                              |
| extensions_autoload        | /etc/osquery/extensions.load |
| extensions_interval        | 3                            |
| extensions_require         |                              |
| extensions_socket          | /root/.osquery/shell.em      |
| extensions_timeout         | 3                            |
+----------------------------+------------------------------+
2 Views
Open in Slack
PreviousNext
Powered by