Channels
doorman
infrastructure
random
zercurity
community-feeds
fleet-dev
code-review
queryhub
apple-silicon
carving
tls
fim
goquery
zentral
aws
querycon
golang
zeek
file-carving
fuzzing
auditing-warroom
linen-dev
fleetosquery
plugins
jobs
arm-architecture
darkbytes
process-auditing
uptycs
android_tests
selfgroup
vendor-feeds
fleet
eclecticiq-polylogyx-extension
ebpf
website
core
general
macos
kolide
osctrl
extensions
foundation
sql
officehours
linux
windows
Title
s
Shan
06/14/2020, 4:50 AMhello. i am trying to run osquery in an automated fashion on windows environment. i am writing a python module - but seeing problem. i am sure i made some mistakes. is there a step by step guide to enable using osquery via python automation? I have looked in github and found one osquery-python. but having isues there.
p
packetzero
06/14/2020, 2:30 PMI haven't used python for extensions. Did you see this?https://holdmybeersecurity.com/2020/02/11/creating-my-first-osquery-extension-to-generate-communityids-with-osquery-python-on-windows/
s
seph
06/14/2020, 8:37 PMWhat are you asking? It's a process. Run it using any standard process management tools. Python on windows seems like an unusual choice, but I don't know you're environment.
More common is to run osqueryd as a service.
Less common is to shell out to osqueryi
Somethings (kolide launcher) manage osqueryd as subprocesses. As said, it's a process. Manage it however.
s
Shan
06/17/2020, 4:09 AMthanks @seph and @packetzero I was able to automate using OSQUERYD.exe -not shell.