Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- {
- "queries": {
- "ulimit_info": {
- "query": "select * from ulimit_info;",
- "interval": 86400
- },
- "rpm_packages": {
- "query": "select * from rpm_packages;",
- "interval": 86400
- },
- "sudoers": {
- "query": "select * from sudoers;",
- "interval": 86400
- },
- "mounts": {
- "query": "select * from mounts;",
- "interval": 86400
- },
- "crontab": {
- "query": "select * from crontab;",
- "interval": 86400
- },
- "memory_info": {
- "query": "select * from memory_info;",
- "interval": 3600,
- "removed": false
- },
- "mounts": {
- "query": "select (select datetime from time) AS poll_time, mounts.device, mounts.device_alias, mounts.path, mounts.type, mounts.blocks_size, mounts.blocks, mounts.blocks_free, mounts.blocks_available, ((mounts.blocks_size * mounts.blocks) / (1024 * 1024)) AS mb_total, ((mounts.blocks_size * (mounts.blocks - mounts.blocks_free)) / (1024 * 1024)) AS mb_used, ((mounts.blocks_size * mounts.blocks_free) / (1024 * 1024)) AS mb_free, mounts.flags, block_devices.parent, block_devices.vendor, block_devices.model, block_devices.uuid, block_devices.type, block_devices.label from mounts LEFT JOIN block_devices ON mounts.device_alias = block_devices.name where path NOT LIKE '/sys%' AND path NOT LIKE '/dev/%';",
- "interval": 3600,
- "removed": false
- },
- "file_events": {
- "query": "SELECT file_events.*, users.username FROM file_events JOIN users ON file_events.uid = users.uid",
- "interval": 300,
- "removed": false
- }
- },
- "file_paths": {
- "ssh": [
- "/root/.ssh/%%",
- "/home/%/.ssh/%%"
- ],
- "userbins": [
- "/home/%/bin/%%",
- "/home/%/sbin/%%",
- "/usr/bin/%%",
- "/usr/sbin/%%",
- "/usr/lib/%%",
- "/usr/local/bin/%%",
- "/usr/local/sbin/%%",
- "/usr/local/lib/%%",
- "/root/bin/%%"
- ],
- "etc": [
- "/etc/%%"
- ],
- "system": [
- "/bin/%%",
- "/sbin/%%",
- "/lib/%%",
- "/boot/%%",
- "/initrd/%%"
- ]
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
