-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmain_darwin.go
More file actions
46 lines (42 loc) · 2.58 KB
/
main_darwin.go
File metadata and controls
46 lines (42 loc) · 2.58 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
//go:build darwin
package main
import (
"context"
"github.com/macadmins/osquery-extension/tables/chromeuserprofiles"
"github.com/macadmins/osquery-extension/tables/localnetworkpermissions"
"github.com/macadmins/osquery-extension/tables/macos_profiles"
"github.com/macadmins/osquery-extension/tables/mdm"
"github.com/macadmins/osquery-extension/tables/sofa"
"github.com/macadmins/osquery-extension/tables/unifiedlog"
"github.com/macadmins/osquery-extension/tables/wifi_network"
"github.com/osquery/osquery-go"
"github.com/osquery/osquery-go/plugin/table"
zlog "github.com/rs/zerolog/log"
"github.com/zentralopensource/osquery-extension/tables/falconctl"
"github.com/zentralopensource/osquery-extension/tables/fleetdm/orbit/pkg/table/adobe_plugins"
"github.com/zentralopensource/osquery-extension/tables/fleetdm/orbit/pkg/table/app_sso_platform"
)
func platformPlugins(socket string) []osquery.OsqueryPlugin {
sofaOpts := []sofa.Option{
sofa.WithUserAgent("zentral-osquery-extension/" + version),
}
return []osquery.OsqueryPlugin{
table.NewPlugin("falconctl", falconctl.FalconctlColumns(), falconctl.FalconctlGenerate),
table.NewPlugin("google_chrome_profiles", chromeuserprofiles.GoogleChromeProfilesColumns(), chromeuserprofiles.GoogleChromeProfilesGenerate),
table.NewPlugin("local_network_permissions", localnetworkpermissions.LocalNetworkPermissionsColumns(), localnetworkpermissions.LocalNetworkPermissionsGenerate),
table.NewPlugin("macos_profiles", macos_profiles.MacOSProfilesColumns(), macos_profiles.MacOSProfilesGenerate),
table.NewPlugin("mdm", mdm.MDMInfoColumns(), mdm.MDMInfoGenerate),
table.NewPlugin("sofa_security_release_info", sofa.SofaSecurityReleaseInfoColumns(), func(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
return sofa.SofaSecurityReleaseInfoGenerate(ctx, queryContext, socket, sofaOpts...)
}),
table.NewPlugin("sofa_unpatched_cves", sofa.SofaUnpatchedCVEsColumns(), func(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
return sofa.SofaUnpatchedCVEsGenerate(ctx, queryContext, socket, sofaOpts...)
}),
table.NewPlugin("macadmins_unified_log", unifiedlog.UnifiedLogColumns(), unifiedlog.UnifiedLogGenerate),
table.NewPlugin("wifi_network", wifi_network.WifiNetworkColumns(), func(ctx context.Context, queryContext table.QueryContext) ([]map[string]string, error) {
return wifi_network.WifiNetworkGenerate(ctx, queryContext, socket)
}),
adobe_plugins.TablePlugin(zlog.Logger),
table.NewPlugin("app_sso_platform", app_sso_platform.Columns(), app_sso_platform.Generate),
}
}