2个稳定版本

1.2.5	2023年2月1日
1.2.0	2019年4月15日

#175 in Operating systems

26 monthly downloads
用于 siquery_cli

MIT/Apache

595KB
14K SLoC

Siquery

简介

一个用于系统信息分析和监控的Rust库。

Siquery通过集成SQLite接口，以高效直观的方式在mac、windows和linux上探索底层操作系统数据，提供工具以创建自定义查询，并将结果输出到格式化的表格、JSON或CSV。

用法

USAGE: 
       siquery.exe [FLAGS] [OPTIONS] [input]

FLAGS:
             --csv        Sets 'csv' output mode
         -h, --help       Prints help information
             --json       Sets 'json' output mode
         -l, --list       Lists all table names
             --pretty     Sets 'print_pretty' output mode
         -V, --version    Prints version information
         -v               Sets the level of verbosity

OPTIONS:
             --schema <schema>     Prints schema of the given table name
         -q, --query <siquery>     Sqlite command
         -a, --A <table>           Selects all from table

ARGS:
         <input>     Sqlite query command

示例

cargo run -- -q "SELECT DISTINCT process.name, env.key, process.pid FROM processes AS process JOIN process_envs AS env ON process.pid = env.pid where process.name = 'siquery' AND process.pid > 38000 LIMIT 3" 

+---------+----------------+-------+
| name    | key            | pid   |
+=========+================+=======+
| siquery | CARGO_PKG_NAME | 38798 |
+---------+----------------+-------+
| siquery | SHLVL          | 38798 |
+---------+----------------+-------+
| siquery | PATH.          | 38798 |
+---------+----------------+-------+

cargo run -- -q "SELECT DISTINCT process.name, process.pid FROM process_memory_map AS memory JOIN processes as process ON process.path = memory.path where process.pid < 7900 limit 1"

+-----------------+------+
| name            | pid  |
+=================+======+
| dptf_helper.exe | 7800 |
+-----------------+------+

cargo run -- -q "PRAGMA table_info(process_memory_map)"

+-----+-------------+---------+---------+------------+
| cid | name        | type    | notnull | dflt_value |
+=====+=============+=========+=========+============+
| 0   | pid         | INTEGER | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 1   | start       | TEXT    | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 2   | end         | TEXT    | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 3   | permissions | TEXT    | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 4   | offset      | INTEGER | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 5   | device      | TEXT    | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 6   | inode       | INTEGER | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 7   | path        | TEXT    | 0       | 0          |
+-----+-------------+---------+---------+------------+
| 8   | pseudo      | INTEGER | 0       | 0          |
+-----+-------------+---------+---------+------------+

cargo run -- --pretty -q "SELECT * FROM etc_hosts LIMIT 1"

+-----------+-----------+
| address   | hostnames |
+===========+===========+
| 127.0.0.1 | localhost |
+-----------+-----------+

cargo run -- --json -q "SELECT * FROM etc_hosts"

[
  {"address":"127.0.0.1","hostnames":"localhost"},
  {"address":"255.255.255.255","hostnames":"broadcasthost"},
  {"address":"::1","hostnames":"localhost"}
]

cargo run -- --csv -q "SELECT * FROM etc_hosts LIMIT 1"

address|hostnames
127.0.0.1|localhost
255.255.255.255|broadcasthost
::1|localhost

实现表

表名	Windows	Linux	MacOS
etc_hosts	✔	✔	✔
etc_protocols	✔	✔	✔
etc_services	✔	✔	✔
interface_address	✔	✔
interface_details	✔	✔
system_info	✔	✔	✔
os_version	✔	✔	✔
logical_drives	✔
uptime	✔	✔	✔
processes	✔	✔	✔
process_open_sockets	✔	✔
process_memory_map	✔	✔
products	✔
proxies	✔	✔	✔
users	✔	✔	✔
launchd			✔
launchd_overrides			✔
logged_in_users	✔	✔	✔
logon_sessions	✔
groups	✔	✔	✔
process_envs		✔	✔
mounts		✔	✔
wmi_computer_info	✔
wmi_os_version	✔
wmi_printers	✔
wmi_services	✔
wmi_hotfixes	✔
wmi_shares	✔
wmi_network_adapters	✔
wmi_local_accounts	✔
wmi_bios	✔
wmi_motherboard	✔
wmi_processor	✔
wmi_physical_memory	✔
wmi_sound	✔
wmi_video	✔
wmi_monitors	✔
wmi_keyboard	✔
wmi_pointing_device	✔

依赖

~31–42MB
~705K SLoC

cfg-if 0.1
chrono
csv
heck 0.3.1
horrorshow 0.6.5
lazy_static
nix 0.11 not win
prettytable-rs 0.10
proxy_cfg
regex
rusqlite 0.28+vtab +bundled
serde
serde_derive
serde_json
time 0.1
treexml 0.7
URL
byteorder mac
glob 0.2 mac
objc +异常处理 mac
objc-foundation mac
objc_id mac
plist 0.4 mac
uname linux mac
walkdir mac
libc not win win
widestring 0.4 win
winapi +SDDL +句柄API +winnt +minwindef +ws2def +错误处理API +winbase +objidlbase +tlhelp32 +shlobj… win
winreg 0.5.1 win
sysconf linux

构建 build.rs