CreateEnvironment to initialize the environment struct and tables.

EnvironmentFinder to find the environment and return its name based on the environment ID.

GenCarveBlockSizeFlag to generate the --carver_block_size flag.

GenServerCertsFlag to generate the --tls_server_certs flag.

GenSingleFlag to generate a generic flag to be used by osquery.

IsItExpired to determine if a time has expired, which makes it in the past.

IsPlatformLinux to know if a linux is going to trigger a query.

IsPlatformQuery to know if a plaform is going to trigger a query.

PackageDownloadURL to get the download URL for a package.

ParseFlagTemplate to parse a flag template.

PrepareOneLiner generic to generate one-liners.

QuickAddOneLinerPowershell to get the quick add one-liner for Windows nodes.

QuickAddOneLinerShell to get the quick add one-liner for Linux/OSX nodes.

QuickAddScript to get a quick add script for a environment.

QuickRemoveOneLinerPowershell to get the quick remove one-liner for Windows nodes.

QuickRemoveOneLinerShell to get the quick remove one-liner for Linux/OSX nodes.

ReadExternalFile to read an external file and return contents.

CarverBlockSizeValue to configure size in bytes for carver blocks.

DecoratorHostname to append hostnames as result decorator.

DecoratorLoggedInUser to append the first logged in user as result decorator.

DecoratorMD5Process to append the MD5 of the running osquery binary as result decorator.

DecoratorOsqueryVersionHash to append the osquery version and the configuration hash as result decorator.

DecoratorUsers to append osquery user as result decorator.

DefaultCarverBlockPath as default block endpoint for the carver.

DefaultCarverInitPath as default init endpoint for the carver.

DefaultCertPath.

DefaultConfigInterval as default interval for configuring nodes.

DefaultConfigPath as default value for configuring nodes.

DefaultEnrollPath as default value for enrolling nodes.

DefaultEnvironmentIcon as default icon to use for environments.

DefaultEnvironmentType as default type to use for environments.

DefaultFlagsPath.

DefaultLinkExpire as default time in hours to expire enroll/remove links.

DefaultLogInterval as default interval for logging data from nodes.

DefaultLogPath as default value for logging data from nodes.

DefaultQueryInterval as default interval for distributing on-demand queries to nodes.

DefaultQueryReadPath as default value for distributing on-demand queries to nodes.

DefaultQueryWritePath as default value for collecting results from on-demand queries.

DefaultScriptPath.

DefaultSecretLength as default length for secrets.

DefaultVerifyPath.

EmptyFlagCert to use as placeholder for the certificate file.

EmptyFlagSecret to use as placeholder for the secret file.

EnrollPowershell for enroll powershell.

EnrollShell for enroll shell.

EnrollTarget for enroll target.

FlagGenericValue to use as generator for generic flags.

FlagCarverBlockSize for the --carver_block_size flag.

FlagTLSServerCerts for the --tls_server_certs flag.

FlagsTemplate to generate flags for enrolling nodes.

InsecurePowershellTLS for insecure TLS connections in powershell onliners.

InsecureShellTLS for insecure TLS connections in shell oneliners.

PowershellTarget for powershell extension.

QuickAddScriptPowershell to keep the raw template for the quick add powershell script.

QuickAddScriptShell to keep the raw template for the quick add shell script.

QuickRemoveScriptPowershell to keep the raw template for the quick remove powershell script.

QuickRemoveScriptShell to keep the raw template for the quick remove shell script.

RemovePowershell for remove powershell.

RemoveShell for remove shell.

RemoveTarget for remove target.

ShellTarget for shell extension.

TemplateAddPowershell for template name.

TemplateAddShell for template name.

TemplateRemovePowershell for template name.

TemplateRemoveShell for template name.

DecoratorConf to hold the osquery decorators https://osquery.readthedocs.io/en/stable/deployment/configuration/#decorator-queries.

Environment keeps all TLS Environments.

NameUUID to just hold the environment name and UUID.

OsqueryConf to hold the structure for the configuration https://osquery.readthedocs.io/en/stable/deployment/configuration/#configuration-specification.

PackEntry to hold the struct for a single pack.

ScheduleQuery to hold the scheduled queries in the configuration https://osquery.readthedocs.io/en/stable/deployment/configuration/#schedule.

TLSEnvironment to hold each of the TLS environment.

ATCConf to hold all the auto table construction in the configuration https://osquery.readthedocs.io/en/stable/deployment/configuration/#automatic-table-construction.

MapEnvByID to hold the environments name and UUID by ID.

MapEnvByString to hold the environments name and UUID by string.

MapEnvironments to hold the TLS environments by name and UUID.

OptionsConf for each part of the configuration.

PacksConf to hold all the packs in the configuration https://osquery.readthedocs.io/en/stable/deployment/configuration/#packs.

PacksEntries to hold all the parsed non-local packs.

ScheduleConf to hold all the schedule https://osquery.readthedocs.io/en/stable/deployment/configuration/#schedule.