Git Product home page Git Product logo

siquery-rs's Introduction

Siquery

Introduction

A rust library for system information analytics and monitoring.

Siquery provides utilities to explore low level operating system data on mac, windows and linux in an efficient and intuitive way by integrating an SQLite powered interface. SQLite read-only statements can be used to create custom queries to be outputted into a formatted table, JSON or CSV.

Usage

USAGE: 
       siquery.exe [FLAGS] [OPTIONS] [input]

FLAGS:
             --csv        Sets 'csv' output mode
         -h, --help       Prints help information
             --json       Sets 'json' output mode
         -l, --list       Lists all table names
             --pretty     Sets 'print_pretty' output mode
         -V, --version    Prints version information
         -v               Sets the level of verbosity

OPTIONS:
             --schema <schema>     Prints schema of the given table name
         -q, --query <siquery>     Sqlite command
         -a, --A <table>           Selects all from table

ARGS:
         <input>     Sqlite query command

Examples

cargo run -- -q "SELECT DISTINCT process.name, env.key, process.pid FROM processes AS process JOIN process_envs AS env ON process.pid = env.pid where process.name = 'siquery' AND process.pid > 38000 LIMIT 3" 

+---------+----------------+-------+
| name    | key            | pid   |
+=========+================+=======+
| siquery | CARGO_PKG_NAME | 38798 |
+---------+----------------+-------+
| siquery | SHLVL          | 38798 |
+---------+----------------+-------+
| siquery | PATH.          | 38798 |
+---------+----------------+-------+

cargo run -- -q "SELECT DISTINCT process.name, process.pid FROM process_memory_map AS memory JOIN processes as process ON process.path = memory.path where process.pid < 7900 limit 1"

+-----------------+------+
| name            | pid  |
+=================+======+
| dptf_helper.exe | 7800 |
+-----------------+------+

cargo run -- -q "PRAGMA table_info(process_memory_map)"

+-----+-------------+---------+---------+------------+
| cid | name        | type    | notnull | dflt_value |
+=====+=============+=========+=========+============+
| 0   | pid         | INTEGER | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 1   | start       | TEXT    | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 2   | end         | TEXT    | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 3   | permissions | TEXT    | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 4   | offset      | INTEGER | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 5   | device      | TEXT    | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 6   | inode       | INTEGER | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 7   | path        | TEXT    | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 8   | pseudo      | INTEGER | 0       | 0          |
+-----+-------------+---------+---------+------------+

cargo run -- --pretty -q "SELECT * FROM etc_hosts LIMIT 1"

+-----------+-----------+
| address   | hostnames |
+===========+===========+
| 127.0.0.1 | localhost |
+-----------+-----------+

cargo run -- --json -q "SELECT * FROM etc_hosts"

[
  {"address":"127.0.0.1","hostnames":"localhost"},
  {"address":"255.255.255.255","hostnames":"broadcasthost"},
  {"address":"::1","hostnames":"localhost"}
]

cargo run -- --csv -q "SELECT * FROM etc_hosts LIMIT 1"

address|hostnames
127.0.0.1|localhost
255.255.255.255|broadcasthost
::1|localhost

Implemented tables

Table name  Windows  Linux  MacOS
etc_hosts
etc_protocols
etc_services
interface_address
interface_details
system_info
os_version
logical_drives
uptime
processes
process_open_sockets
process_memory_map
products
proxies
users
launchd
launchd_overrides
logged_in_users
logon_sessions
groups
process_envs
mounts
wmi_computer_info
wmi_os_version
wmi_printers
wmi_services
wmi_hotfixes
wmi_shares
wmi_network_adapters
wmi_local_accounts
wmi_bios
wmi_motherboard
wmi_processor
wmi_physical_memory
wmi_sound
wmi_video
wmi_monitors
wmi_keyboard
wmi_pointing_device

siquery-rs's People

Contributors

awakecoding avatar banaru4 avatar devolutionsbot avatar devolutionsinfra avatar ekse avatar failshell avatar mathieumorrissette avatar salahkmt-zz avatar sduquette-devolutions avatar thenextman avatar tsmarvin avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.