Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
e
Erich Stoekl
04/29/2020, 9:05 PMCan anyone give me an example of a long-running osquery command?
z
zwass
04/29/2020, 9:26 PMSomething that consumes a lot of resources?
e
Erich Stoekl
04/29/2020, 9:54 PMsomething that just runs for a while
something like a sleep
but yes, something that uses a lot of resources would be good
z
zwass
04/29/2020, 10:28 PMosquery> .timer ON
osquery> select count(*) from processes;
+----------+
| count(*) |
+----------+
| 400 |
+----------+
Run Time: real 0.003 user 0.001090 sys 0.001459
osquery> select count(*) from processes, processes;
+----------+
| count(*) |
+----------+
| 160000 |
+----------+
Run Time: real 0.417 user 0.137328 sys 0.279141
osquery> select count(*) from processes, processes,processes;➕ 1
That will give you exponential growth on runtime
e
Erich Stoekl
04/29/2020, 10:39 PMnice, that worked!
thank you
s
seph
05/01/2020, 11:27 AMAdding a hashing will consume resources and take longer.
Curl, maybe