0

I am currently trying to write a Python script that will start osquery and then conduct a query - all I have for my script so far is:

  import subprocess
  subprocess.run(["osqueryi"])

The problem is that once I run "osqueryi", I have to do the query (which is only one command) from within the command line, which I have no idea how to do in Python as I don't know how to wait for "osqueryi" to finish and then run a new command within that process (sorry if my terminology is off, still very new to all this!).

Normally, it would go:

  a@b: osqueryi
  osquery> select * from processes

Does anybody know how I could go about this?

Thank you in advance.

Max

1 Answer

-1

https://osquery.readthedocs.io/en/stable/introduction/using-osqueryi/

By passing your query to osquery as a parameter.

gnight
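What passing the query as a parameter looks like from Python, as an added example that is not part of the original answer. It assumes `osqueryi` is on PATH and uses its `--json` output flag; `build_command`, `parse_rows`, `run_query` and the sample output are names and data made up for this illustration.

```python
import json
import shutil
import subprocess

# Constructed sample of `osqueryi --json` output, used when osqueryi is absent.
SAMPLE_OUTPUT = '[{"pid": "1", "name": "systemd", "path": "/usr/lib/systemd/systemd"}]'


def build_command(query, binary="osqueryi"):
    """Return argv for a one-shot query; osqueryi runs it and exits."""
    # A list with no shell=True means the query is never parsed by a shell.
    return [binary, "--json", query]


def parse_rows(stdout):
    """Decode --json output into a list of row dicts."""
    rows = json.loads(stdout)
    if not isinstance(rows, list):
        raise ValueError("expected a JSON array of rows")
    return rows


def run_query(query, binary="osqueryi", timeout=30):
    """Run one query non-interactively and return its rows."""
    proc = subprocess.run(build_command(query, binary), capture_output=True,
                          text=True, timeout=timeout, check=False)
    if proc.returncode != 0:
        raise RuntimeError(f"osqueryi failed: {proc.stderr.strip()}")
    return parse_rows(proc.stdout)


if __name__ == "__main__":
    if shutil.which("osqueryi"):
        rows = run_query("select pid, name, path from processes limit 5")
    else:
        rows = parse_rows(SAMPLE_OUTPUT)  # fall back to the constructed sample
    for row in rows:
        print(row["pid"], row["name"], row["path"])
```

Keep the SQL text built from fixed strings; if a value in it must vary, check it against an allow-list before placing it in the query.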