Hi all. I am trying to calculate the hash of started processes ( getting the path of the started process and hashing the binary). I am using a separate thread and using the

osquery::SQL

object to run the query

select sha256 from hash where path = '<path>';

to get the hash. I get loads of

DBManager contention: opening transient SQLite database

. Is that a bad thing ? is there a more correct way of doing what I am trying to do?

Hey! That’s not a terrible thing and is not an error but indicates a situation where the performance can be improved.

Thank you. I think I found a workaround. I still get those logs but related to another query.

My recommendation is to avoid using the table's abstraction around hashing. Instead you can use the hashing libraries in osquery, which wrap OpenSSL. They should be easy to use, you can look at the internals of the

hash

table for a reference.

oh ok. the thing is I need exactly the behaviour the

hashTablePlugin

is having ( calc. md5 sha1 sha256 for path/dir) querying the table

hash

, but I need to do it programmatically and asynchronously. I thought that was the best way to avoid repeating myself. Is there a way of populating a table without calling the corresponding Plugin? As you can see I am not full aware of the code in osquery..