File tree Expand file tree Collapse file tree 1 file changed +19
-0
lines changed Expand file tree Collapse file tree 1 file changed +19
-0
lines changed Original file line number Diff line number Diff line change @@ -81,6 +81,25 @@ Extensions are the core way that you can extend and customize osquery. At
8181Facebook, we use extensions extensively to implement many plugins that take
8282advantage of internal APIs and tools.
8383
84+ Execute queries in Python
85+ -------------------------
86+
87+ The same Thirft bindings can be used to create a Python client for the osqueryd or
88+ osqueryi's extension socket. There are helper classes provided that spawn an ephemeral
89+ osquery process for consecutive or long running client instances.
90+
91+ .. code-block :: python
92+
93+ import osquery
94+
95+ if __name__ == " __main__"
96+ # Spawn an osquery process using an ephemeral extension socket.
97+ instance = osquery.SpawnInstance()
98+ instance.open()
99+
100+ # Issues queries and call osquery Thrift APIs.
101+ instance.client.query(" select timestamp from time"
102+
84103
85104-------
86105
You can’t perform that action at this time.
0 commit comments