Skip to main content

Mondoo Operating Systems (OS) Resource Pack Reference

The Operating Systems (OS) resource pack lets you use MQL to query and assess the security of your operating system packages and configuration.

Resources included in this pack:

audit.advisoryPlatform/package advisory
audit.cveCommon Vulnerabilities and Exposures (CVEs)
audit.cvssCommon Vulnerability Scoring System (CVSS) score
auditpolWindows audit policies
auditpol.entryWindows audit policy
authorizedkeysList of SSH authorized keys
authorizedkeys.entrySSH authorized key
commandResults of running a command on the system
container.imageContainer image
container.repositoryContainer registry repository
dockerDocker host resource
docker.containerDocker container
docker.fileDockerfile resource
docker.file.addDockerfile ADD instructions
docker.file.copyDockerfile COPY instructions
docker.file.exposeDockerfile EXPOSE instruction
docker.file.fromDockerfile FROM instructions
docker.file.runDockerfile RUN instructions
docker.file.stageDockerfile stages
docker.file.userDockerfile USER instructions
docker.imageDocker image
fileFile on the system
file.permissionsAccess permissions for a given file
files.findFind files on the system
groupGroup on this system
groupsGroups configured on this system
ip6tablesIPv6 tables
iptablesIPv4 tables
kernelSystem kernel information
kernel.moduleSystem kernel module information
kubeletKubernetes kubelet configuration
logindefsShadow password suite configuration
lsblkUnix list block devices
lsblk.entryUnix block device
machine.baseboardSMBIOS baseboard (or module) information
machine.biosSMBIOS BIOS information
machine.chassisSMBIOS system enclosure or chassis
machine.systemSMBIOS system information
macosmacOS specific resources
macos.alfmacOS application layer firewall (ALF) service
macos.systemsetupmacOS machine settings
macos.timemachinemacOS Time Machine
mondoo.eolPlatform end-of-life information
mountUnix mounted file system
mount.pointUnix mount point
npm.packagesnpm packages
ntp.confNTP service configuration
osOperating system information
os.rootCertificatesOperating system root certificates
os.updateOperating system update information
packagePackage on the platform or OS
packagesList of packages on this system
pam.confPAM configuration (pluggable authentication module)
parse.certificatesParse certificates from files
parse.iniParse INI files
parse.jsonParse JSON files
parse.openpgpParse OpenPGP from files
parse.plistParse plist files
parse.yamlParse YAML files
platform.advisoriesAll platform/package advisories
platform.cvesAll platform/package CVEs
platform.eolDeprecated; will be removed in version 12.0
portTCP/IP port on the system
portsTCP/IP ports on the system
powershellResults of running a PowerShell script on the system
privatekeyPrivate key resource
processProcess on this system
processesProcesses available on this system
pythonPython package details found on the operating system image
python.packagePython package information
registrykeyWindows registry key
registrykey.propertyWindows registry key property
rsyslog.confrsyslog service configuration
secpolWindows local security policy
serviceService on this system
servicesServices configured on this system
shadowShadowed password file
shadow.entryShadowed password file entry
sshdSSH server resource
sshd.configSSH server configuration
userUser on this system
usersUsers configured on this system
vuln.advisoryAdvisory information
vuln.cveCVE information
vuln.packagePackage information relevant for vulnerability management
vulnmgmtVulnerability Information
windowsWindows-specific resource to get operating system details
windows.bitlockerWindows BitLocker
windows.bitlocker.volumeWindows BitLocker volume
windows.featureWindows feature resource
windows.firewallWindows Firewall resource
windows.firewall.profileWindows Firewall profile entry
windows.firewall.ruleWindows Firewall rule entry
windows.hotfixWindows hotfix resource of the Windows security provider Windows security product
yumYum package manager resource
yum.repoYum repository resource