ohkannaduh / osquery-php
Requires
- haydenpierce/class-finder: ^0.4.0
- nilportugues/sql-query-builder: ^1.7
- php-di/php-di: ^6.0
- ramsey/collection: ^1.0
Requires (Dev)
- mockery/mockery: ^1.2
- phpstan/phpstan: ^0.11.16
- phpstan/phpstan-mockery: ^0.11.3
- phpunit/phpunit: ^8.3
This package is auto-updated.
Last update: 2025-03-29 01:00:42 UTC
README
This library serves as a link between osquery and php.
Installation
The library can be installed via composer
composer require ohkannaduh/osquery-php
Getting started
The easiest way to hop in and get started with the library is to use the container \OhKannaDuh\OsQuery\Container.
The container
use OhKannaDuh\OsQuery\Container; ... $container = Container::create();
The static create method on the container will automatically register all factories in the OhKannaDuh\OsQuery\Factories namespace, if you want something specific you can instantiate the class with the new keyword to get an instnace with no registered factories.
$container = new Container();
Registering factories
Once you have your container you can register additional containers using the register method. This method takes an instance of OhKannaDuh\OsQuery\FactoryInterface.
/** @var FactoryInterface $factory */ $container->register($factory);
This will map the factories model to the factory inside the container.
Getting factories
You can retrieve a registered factory with the getFactory method that takes a string of the models class.
use OhKannaDuh\OsQuery\Models\User; ... $users = $container->getFactory(User::class);
Factories
Factories are one of the main parts of this library, they are used to interact with OsQuery and get the models we need.
Factory Api
all
The all method gets all instance of a given model.
/** @var \OhKannaDuh\OsQuery\Factories\UserFactory $users */ foreach ($users->all() as $user) { echo $user->getUsername() . PHP_EOL; }
You can also limit the data that we gather with the optional $columns parameter on the all method.
/** @var \OhKannaDuh\OsQuery\Factories\UserFactory $users */ foreach ($users->all(["username", "uid"]) as $user) { $user->hasAttribute("username"); // true $user->hasAttribute("uid"); // true $user->hasAttribute("gid"); // false }
where
The where method lets us specify parameters for OsQuery.
/** @var \OhKannaDuh\OsQuery\Factories\UserFactory $users */ $result = $users->where([ "username" => "root", // All users with the username root ]); foreach ($results as $user) { echo $user->getUsername() . PHP_EOL; }
/** @var \OhKannaDuh\OsQuery\Factories\UserFactory $users */ $result = $users->where([ "gid" => "985", // All users in group 985 ]); foreach ($results as $user) { echo $user->getUsername() . PHP_EOL; }