Author: maxerist
Subject: A tool similar to osqeury on Windows
Posted: 30 October 2014 at 9:00am
Hi,
as probably some noticed, Facebook made a query tool for monitoring unix-like systems with SQL language (see https://code.facebook.com/posts/844436395567983/introducing-osquery/ )
I thought that sysinternals team is the closest match for making a similar tool for Windows. But... My suggestion is to use XPath instead of SQL. The reason is because SQL relational model is more strict, so it will be not so easy to query unexpected sub-parthes, not mentioning naturally deep level hierarchies like the registry.
Thanks,
Max
Subject: A tool similar to osqeury on Windows
Posted: 30 October 2014 at 9:00am
Hi,
as probably some noticed, Facebook made a query tool for monitoring unix-like systems with SQL language (see https://code.facebook.com/posts/844436395567983/introducing-osquery/ )
I thought that sysinternals team is the closest match for making a similar tool for Windows. But... My suggestion is to use XPath instead of SQL. The reason is because SQL relational model is more strict, so it will be not so easy to query unexpected sub-parthes, not mentioning naturally deep level hierarchies like the registry.
Thanks,
Max