From cb73eed69bc9ef75cf1b4eb9bad3a3e3f191cc42 Mon Sep 17 00:00:00 2001
From: Toni de la Fuente <toni@blyx.com>
Date: Mon, 29 Feb 2016 17:16:50 -0500
Subject: [PATCH] added support to osquery

---
 include/tests_file_integrity | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/include/tests_file_integrity b/include/tests_file_integrity
index 278f2d07..7ce0831e 100644
--- a/include/tests_file_integrity
+++ b/include/tests_file_integrity
@@ -268,6 +268,23 @@
 #
 #################################################################################
 #
+    # Test        : FINT-4351
+    # Description : Check if osquery system integrity tool is running
+    Register --test-no FINT-4351 --weight L --network NO --description "osqueryd syscheck daemon running"
+    if [ ${SKIPTEST} -eq 0 ]; then
+        LogText "Test: Checking if osqueryd syscheck daemon is running"
+        IsRunning osqueryd
+        if [ ${RUNNING} -eq 1 ]; then
+            LogText "Result: syscheck (osquery) installed"
+            FILE_INT_TOOL="osquery"
+            FILE_INT_TOOL_FOUND=1
+            Display --indent 4 --text "- osquery (syscheck)" --result FOUND --color GREEN
+          else
+            LogText "Result: syscheck (osquery) not installed"
+        fi
+    fi
+#
+#################################################################################
 
 Report "file_integrity_tool=${FILE_INT_TOOL}"
 Report "file_integrity_tool_installed=${FILE_INT_TOOL_FOUND}"