pengutils.utils.cli_db module

Database CLI

This script consolidates various database query utilities into a single command-line interface. It allows querying execution events, file descriptor usage, file reads/writes, syscalls, and unique tasks (process names) from the Penguin RemoteCtrl Plugin database.

Example usage

# Query tasks
cli_db.py tasks --results ./results/latest

# Query execs
cli_db.py execs --procname myproc --fd 3

# Query syscalls
cli_db.py syscalls --errors

# Query reads/writes
cli_db.py reads --filename config.txt
cli_db.py writes --fd 1

# Query unique FDs
cli_db.py fds --follow

Options

Common options:

- --results: Path to results folder (default: ./results/latest/)
- --output: Output file (default: /dev/stdout)

See individual commands for specific filters and options.

pengutils.utils.cli_db.exec_filter(sess, procname, fd, filename)
pengutils.utils.cli_db.read_filter(sess, procname, fd, filename)
pengutils.utils.cli_db.syscall_filter(sess, procname, syscall, errors)
pengutils.utils.cli_db.write_filter(sess, procname, fd, filename)