osquery-python
osquery-python copied to clipboard
osquery
osquery.SpawnInstance() fails on windows
-
pip install osqueryin a windows Python virtualenv - Run
python -
import osquery -
osquery.SpawnInstance()
Expected:
<osquery.management.SpawnInstance object at 0xBLAHBLAHBBLAH>
Observed:
>>> core.mk_instance()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "C:\path\to\core.py", line 229, in mk_instance
instance = osquery.SpawnInstance()
File "C:\path\to\env\lib\site-packages\osquery\management.py", line 71, in __init__
self.path = WINDOWS_BINARY_PATH
NameError: name 'WINDOWS_BINARY_PATH' is not defined. Did you mean: 'LINUX_BINARY_PATH'?
Windows version (once working):
>>> inst.client.query("select * from system_info")
ExtensionResponse(status=ExtensionStatus(code=0, message='OK', uuid=0), response=[{'board_model': '', 'board_serial': '', 'board_vendor': '', 'board_version': '', 'computer_name': 'DESKTOP-U465U82', 'cpu_brand': 'Intel(R) Core(TM) m3-7Y30 CPU @ 1.00GHz', 'cpu_logical_cores': '4', 'cpu_microcode': '180', 'cpu_physical_cores': '2', 'cpu_sockets': '1', 'cpu_subtype': '-1', 'cpu_type': 'x86_64', 'hardware_model': 'UX330CAK', 'hardware_serial': 'H6N0WU011420239', 'hardware_vendor': 'ASUSTeK COMPUTER INC.', 'hardware_version': '-1', 'hostname': 'DESKTOP-U465U82', 'local_hostname': 'DESKTOP-U465U82', 'physical_memory': '8589934592', 'uuid': '304E3648-5557-3130-3134-323032333936'}])
>>> inst.client.query("select * from os_version")
ExtensionResponse(status=ExtensionStatus(code=0, message='OK', uuid=0), response=[{'arch': '64-bit', 'build': '19045', 'codename': 'Microsoft Windows 10 Home', 'install_date': '1708910913', 'major': '10', 'minor': '0', 'name': 'Microsoft Windows 10 Home', 'patch': '', 'platform': 'windows', 'platform_like': 'windows', 'revision': '4170', 'version': '10.0.19045'}])
>>>
