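On Linux, memory_map does not give the expected results

Time: 2019-10-30 07:43:27

Tags: osquery

The query .all memory_map on a Linux system gives unexpected results, because for every entry the start memory location = 0x00000000 and the end memory location = 0x00000000. Looks strange?

Operating system: Kali Linux

osquery version: 4.0.2 (current)

I tried searching for the issue on osquery/issues/

The exact reproduction on the CLI is: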

osqueryi
.all memory_map

This gives the same result as:

osqueryi
SELECT * FROM memory_map

The output of osqueryi is just a message indicating that it is using a virtual database, as shown below.

Using a virtual database. Need help, type '.help'

The output of .all memory_map is as follows:

+-------------------------------+------------+-------------+
| name                          | start      | end         |
+-------------------------------+------------+-------------+
| Reserved                      | 0x00000000 | 0x00000000  |
| System RAM                    | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| PCI Bus 0000:00               | 0x00000000 | 0x00000000  |
| Video ROM                     | 0x00000000 | 0x00000000  |
| Adapter ROM                   | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| System ROM                    | 0x00000000 | 0x00000000  |
| System RAM                    | 0x00000000 | 0x00000000  |
| ACPI Non-volatile Storage     | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| System RAM                    | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| System RAM                    | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| ACPI Non-volatile Storage     | 0x00000000 | 0x00000000  |
| ACPI Tables                   | 0x00000000 | 0x00000000  |
| System RAM                    | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| Graphics Stolen Memory        | 0x00000000 | 0x00000000  |
| PCI Bus 0000:00               | 0x00000000 | 0x00000000  |
| pnp 00:07                     | 0x00000000 | 0x00000000  |
| PCI Bus 0000:01               | 0x00000000 | 0x00000000  |
| 0000:01:00.0                  | 0x00000000 | 0x00000000  |
| 0000:01:00.0                  | 0x00000000 | 0x00000000  |
| 0000:00:02.0                  | 0x00000000 | 0x00000000  |
| PCI Bus 0000:01               | 0x00000000 | 0x00000000  |
| 0000:01:00.0                  | 0x00000000 | 0x00000000  |
| PCI Bus 0000:03               | 0x00000000 | 0x00000000  |
| 0000:03:00.0                  | 0x00000000 | 0x00000000  |
| iwlwifi                       | 0x00000000 | 0x00000000  |
| PCI Bus 0000:02               | 0x00000000 | 0x00000000  |
| 0000:02:00.1                  | 0x00000000 | 0x00000000  |
| 0000:02:00.1                  | 0x00000000 | 0x00000000  |
| r8169                         | 0x00000000 | 0x00000000  |
| 0000:02:00.0                  | 0x00000000 | 0x00000000  |
| rtsx_pci                      | 0x00000000 | 0x00000000  |
| 0000:02:00.0                  | 0x00000000 | 0x00000000  |
| 0000:00:1f.3                  | 0x00000000 | 0x00000000  |
| ICH HD audio                  | 0x00000000 | 0x00000000  |
| 0000:00:14.0                  | 0x00000000 | 0x00000000  |
| xhci-hcd                      | 0x00000000 | 0x00000000  |
| intel_xhci_usb_sw             | 0x00000000 | 0x00000000  |
| 0000:00:1f.3                  | 0x00000000 | 0x00000000  |
| ICH HD audio                  | 0x00000000 | 0x00000000  |
| 0000:00:1f.2                  | 0x00000000 | 0x00000000  |
| 0000:00:17.0                  | 0x00000000 | 0x00000000  |
| ahci                          | 0x00000000 | 0x00000000  |
| 0000:00:15.0                  | 0x00000000 | 0x00000000  |
| lpss_dev                      | 0x00000000 | 0x00000000  |
| i2c_designware.0              | 0x00000000 | 0x00000000  |
| lpss_priv                     | 0x00000000 | 0x00000000  |
| idma64.0                      | 0x00000000 | 0x00000000  |
| idma64.0                      | 0x00000000 | 0x00000000  |
| 0000:00:15.1                  | 0x00000000 | 0x00000000  |
| lpss_dev                      | 0x00000000 | 0x00000000  |
| i2c_designware.1              | 0x00000000 | 0x00000000  |
| lpss_priv                     | 0x00000000 | 0x00000000  |
| idma64.1                      | 0x00000000 | 0x00000000  |
| idma64.1                      | 0x00000000 | 0x00000000  |
| 0000:00:16.0                  | 0x00000000 | 0x00000000  |
| mei_me                        | 0x00000000 | 0x00000000  |
| 0000:00:17.0                  | 0x00000000 | 0x00000000  |
| ahci                          | 0x00000000 | 0x00000000  |
| 0000:00:1f.4                  | 0x00000000 | 0x00000000  |
| 0000:00:17.0                  | 0x00000000 | 0x00000000  |
| ahci                          | 0x00000000 | 0x00000000  |
| 0000:00:02.0                  | 0x00000000 | 0x00000000  |
| PCI MMCONFIG 0000 [bus 00-ff] | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| pnp 00:07                     | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| PCI Bus 0000:00               | 0x00000000 | 0x00000000  |
| pnp 00:00                     | 0x00000000 | 0x00000000  |
| INT344B:00                    | 0x00000000 | 0x00000000  |
| INT344B:00                    | 0x00000000 | 0x00000000  |
| pnp 00:00                     | 0x00000000 | 0x00000000  |
| INT344B:00                    | 0x00000000 | 0x00000000  |
| INT344B:00                    | 0x00000000 | 0x00000000  |
| INT344B:00                    | 0x00000000 | 0x00000000  |
| INT344B:00                    | 0x00000000 | 0x00000000  |
| pnp 00:00                     | 0x00000000 | 0x00000000  |
| iTCO_wdt                      | 0x00000000 | 0x00000000  |
| iTCO_wdt                      | 0x00000000 | 0x00000000  |
| pnp 00:00                     | 0x00000000 | 0x00000000  |
| pnp 00:00                     | 0x00000000 | 0x00000000  |
| pnp 00:00                     | 0x00000000 | 0x00000000  |
| pnp 00:00                     | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| IOAPIC 0                      | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| HPET 0                        | 0x00000000 | 0x00000000  |
| PNP0103:00                    | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| pnp 00:07                     | 0x00000000 | 0x00000000  |
| pnp 00:07                     | 0x00000000 | 0x00000000  |
| pnp 00:07                     | 0x00000000 | 0x00000000  |
| pnp 00:07                     | 0x00000000 | 0x00000000  |
| MSFT0101:00                   | 0x00000000 | 0x00000000  |
| MSFT0101:00                   | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| dmar0                         | 0x00000000 | 0x00000000  |
| dmar1                         | 0x00000000 | 0x00000000  |
| Local APIC                    | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| pnp 00:07                     | 0x00000000 | 0x00000000  |
| INT0800:00                    | 0x00000000 | 0x00000000  |
| Reserved                      | 0x00000000 | 0x00000000  |
| System RAM                    | 0x00000000 | 0x00000000  |
| Kernel code                   | 0x00000000 | 0x00000000  |
| Kernel data                   | 0x00000000 | 0x00000000  |
| Kernel bss                    | 0x00000000 | 0x00000000  |
| RAM buffer                    | 0x00000000 | 0x00000000  |
+-------------------------------+------------+-------------+

2 answers:

Answer 0: (score: 0)

The table requires root privileges. Are you testing as root?

(I can reproduce it if I don't run with elevated privileges)

Answer 1: (score: 0)

Update: Yes, I was using the root user. I ended up changing my system to Kubuntu 19.04, where it works like a charm.
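
An added diagnostic example, not part of the question or either answer: on Linux, osquery fills memory_map from /proc/iomem, and the kernel reports every range as 0 to readers that lack CAP_SYS_ADMIN. The script parses that format and reports whether the addresses are masked; the sample data and function names are constructed for illustration.

```python
import os
import re

# Constructed samples in /proc/iomem format (not taken from the page).
MASKED_SAMPLE = """\
00000000-00000000 : Reserved
00000000-00000000 : System RAM
  00000000-00000000 : Kernel code
00000000-00000000 : PCI Bus 0000:00
"""
REAL_SAMPLE = """\
00000000-00000fff : Reserved
00001000-0009d7ff : System RAM
00100000-7fffffff : System RAM
  01000000-01e00000 : Kernel code
"""

# "<indent><start>-<end> : <name>", two spaces of indent per nesting level.
LINE_RE = re.compile(r"^(\s*)([0-9a-fA-F]+)-([0-9a-fA-F]+) : (.*)$")

def parse_iomem(text):
    """Return a list of (depth, start, end, name) tuples."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        indent, start, end, name = m.groups()
        rows.append((len(indent) // 2, int(start, 16), int(end, 16), name.strip()))
    return rows

def addresses_masked(rows):
    """True when every range is 0-0, the pattern shown in the question's output."""
    return bool(rows) and all(s == 0 and e == 0 for _, s, e, _ in rows)

def diagnose(text, euid):
    """Classify an iomem dump given the effective UID of the reader."""
    rows = parse_iomem(text)
    if not rows:
        return "no ranges parsed"
    if not addresses_masked(rows):
        return "addresses visible"
    if euid != 0:
        return "masked: not running as root"
    # The kernel check is capability-based, so euid 0 alone may not be enough.
    return "masked although euid is 0: CAP_SYS_ADMIN may be missing"

if __name__ == "__main__":
    with open("/proc/iomem") as f:
        print(diagnose(f.read(), os.geteuid()))
```

Run it once as the user that launches osqueryi and once with sudo to see whether the zeros come from the kernel rather than from osquery.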