Open Files
Retrieves all the open files per process in the target system.:
Query
select distinct pid, path from process_open_files where path not like '/private/var/folders%' and path not like '/System/Library/%' and path not in ('/dev/null', '/dev/urandom', '/dev/random');Additional Query Info
- Version: 1.4.5
- Platform: posix
- Interval: 86400
JSON
{
"queries": {
"Open Files": {
"query": "select distinct pid, path from process_open_files where path not like '/private/var/folders%' and path not like '/System/Library/%' and path not in ('/dev/null', '/dev/urandom', '/dev/random');",
"interval": "86400",
"platform": "posix",
"version": "1.4.5",
"description": "Retrieves all the open files per process in the target system.",
"value": ""
}
}
}