有人可以指出为什么osquery输出JSON不遵循指定的表模式吗?例如,表进程描述pid的类型为BigInt,而该字段的JSON输出为String。对于许多相似的领域也是如此。这似乎是一种设计选择,我想找出细节。谢谢
{"name":"process_info","hostIdentifier":"xxxx","calendarTime":"Fri Jun 21 00:22:03 2019 UTC","unixTime":1561076523,"epoch":0,"counter":0,"decorations":{"host_uuid":"xxxx","username":"x"},"columns":{"cmdline":"/usr/sbin/syslogd","cpu_subtype":"-2147483645","cpu_type":"16777223","cwd":"/","disk_bytes_read":"73748480","disk_bytes_written":"1286144","egid":"0","euid":"0","gid":"0","name":"syslogd","nice":"0","on_disk":"1","parent":"1","path":"/usr/sbin/syslogd","pgroup":"42","pid":"42","resident_size":"917504","root":"","sgid":"0","start_time":"120901","state":"82","suid":"0","system_time":"6472","threads":"3","total_size":"1495040","uid":"0","upid":"42","uppid":"1","user_time":"3132","wired_size":"0"},"action":"added"}