bug: Improve chassis_types and security_breach columns within chassis_info #6608
Conversation
osquery/core/windows/wmi.h
Outdated
| @@ -205,6 +205,16 @@ class WmiResultItem { | |||
| Status GetVectorOfStrings(const std::string& name, | |||
| std::vector<std::string>& ret) const; | |||
|
|
|||
| /** | |||
| * @brief Windows WMI Helper function to retrieve a vector of long result | |||
| * from | |||
There was a problem hiding this comment.
nitpick, formatting, no need to have a newline here
| std::ostringstream oValueConcat; | ||
| for (size_t i = 0; i < chassisTypes.size(); ++i) { | ||
| if (i != 0) { | ||
| oValueConcat << ","; |
There was a problem hiding this comment.
nitpick, do you want this to read 1,2,3,4 or 1, 2, 3, 4? If you do not want the space maybe you can << ','.
specs/windows/chassis_info.table
Outdated
| @@ -3,7 +3,7 @@ description("Display information pertaining to the chassis and its security stat | |||
| schema([ | |||
| Column("audible_alarm", TEXT, "If TRUE, the frame is equipped with an audible alarm."), | |||
| Column("breach_description", TEXT, "If provided, gives a more detailed description of a detected security breach."), | |||
| Column("chassis_types", INTEGER, "The type of chassis, such as Desktop or Laptop."), | |||
| Column("chassis_types", TEXT, "The type of chassis, such as Desktop or Laptop."), | |||
There was a problem hiding this comment.
A comma-separated list of chassis types, such as Desktop or Laptop.
|
Thanks for the review @theopolis ! I updated the data in the column so Also, noticed that |
theopolis
changed the title
|
This is great! Heads up that I normally recommend a "one thesis rule", meaning each PR should change one distinct thing. I renamed this to indicate that you are essentially improving the data within both of these columns. |
|
I agree with the one thesis rule. :) Integration test was failing because result of security_breach was uninitialized sometimes. |
Fix for bug #6538