Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OS Icons on the schema page appear to be inaccurate sometimes #29

Closed
clong opened this issue Jan 25, 2018 · 6 comments
Closed

OS Icons on the schema page appear to be inaccurate sometimes #29

clong opened this issue Jan 25, 2018 · 6 comments

Comments

@clong
Copy link

clong commented Jan 25, 2018

windows_crashes shows icons for all OS'es:
image

xprotect_entries shows icons for all OS'es:
image
@clong clong changed the title OS Icons on the schema page appears to be inaccurate sometimes OS Icons on the schema page appear to be inaccurate sometimes Jan 25, 2018
@monkykap
Copy link

monkykap commented Jan 27, 2018
edited
Loading

i've noticed this for some other tables as well.

image

image

image

routes, interface_addresses, interface_details all work for windows. the windows section looks a little light in general, i think there are probably a few more tables. i'll post here as i come across them.

@mike-myers-tob
Copy link
Member

mike-myers-tob commented Feb 1, 2018
edited
Loading

This is also true for the groups table, where Windows is supported but the icon is missing in the schema page. For what it's worth, the groups table has an extended schema with Windows-only columns, and the schema page documents the extended schema columns alongside the other columns. That may confuse users of other platforms who would not see those columns in their groups table.

@terracatta
Copy link
Contributor

Per @groob

I see that os_version is supported on windows but the website says otherwise https://github.com/facebook/osquery/blob/d058e19345acc24b69517a2e5fcd60a19dad78da/osquery/tables/system/windows/os_version.cpp

none of the top level specs show up under windows support https://github.com/facebook/osquery/tree/master/specs

It's likely @marpaia needs to fix the data import script to take this top-level into account.

@muffins
Copy link
Contributor

muffins commented Mar 30, 2018

Any updates here? This is causing lots of confusion for folks leveraging the agent.

groob added a commit to groob/osquery that referenced this issue Apr 1, 2018
@groob
update specs at the root directory to include windows
35d1e1e 
Fixes osquery/osquery-site#29
The root directory was only accounting for darwin and linux.
@groob groob mentioned this issue Apr 1, 2018
Merged
groob added a commit to groob/osquery that referenced this issue Apr 1, 2018
@groob
update specs at the root directory to include windows
e187a64 
Fixes osquery/osquery-site#29
The root directory was only accounting for darwin and linux.
@marpaia marpaia mentioned this issue Apr 1, 2018
Merged
@marpaia
Copy link
Contributor

marpaia commented Apr 1, 2018
edited
Loading

The problem here is that PLATFORM_DIRS variable in the tools/codegen/genwebsitejson.py file in facebook/osquery contains an incorrect mapping. From that script:

# In the specs/ directory of the osquery repository, specification files are put
# in certain directories based on what platforms they are meant to be built on.
# This data structure represents the directories in specs/ and how they map to
# the operating systems which support tables found in those directories
PLATFORM_DIRS = {

@groob opened osquery/osquery#4248 to update the script and I've opened #58 which updates the existing table JSON given the new PLATFORM_DIRS values.

@marpaia marpaia mentioned this issue Apr 2, 2018
Open
@marpaia
Copy link
Contributor

marpaia commented Apr 2, 2018

@groob came in with a React logic bugfix in #59 to get this over the finish line, but between #58 and #59, all of the icons look accurate. I'm going to close this, but if there are any more inaccurate icons, let's definitely re-open this.

I created #60 to track the bug that @mike-myers-tob brought up with the extended schemas not being displayed, we're going to have to update the script and the UI for that.

@marpaia marpaia closed this as completed Apr 2, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@terracatta @marpaia @muffins @monkykap @clong @mike-myers-tob