`sockets.raw`¶

$ target-query <path/to/target> -f sockets.raw

Details¶
Module	`os.unix.linux.sockets.NetSocketPlugin`
Output	`records`

Module documentation

No documentation

Function documentation

This plugin yields the raw and raw6 sockets and available stats associated with them.

Yields NetSocketRecord with the following fields:: hostname (string): The target hostname. domain (string): The target domain. protocol (string): The protocol used by the socket. receive_queue (int): The size, in bytes of the receive queue of the socket. transmit_queue (int): The size, in bytes of the transmit queue of the socket. local_ip (string): The local ip the socket connects from. local_port (int): The local port the socket connects from. remote_ip (string): The remote ip the socket connects to. remote_port (int): The remote port the socket connects to. state (string): The state of the socket. owner (string): The loginuid of the pid associated with this socket. inode (int): The inode (fd) associated with this socket. pid (int): The pid associated with this socket. name (string): The process name associated with this socket. cmdline (string): The command line used to start the socket with.

sockets.raw¶