Add Windows support for `battery` table

[awx-vsyr]

Goal

User story
As an endpoint operator,
I want to run a query against battery table on my Windows hosts
so that I can know the battery health of my Windows hosts.

Changes

Product

• [ ] osquery changes: Add Windows support to the battery table. PR is here: https://github.com/osquery/osquery/pull/8267
• [ ] Outdated documentation changes: Make sure the table documentation on fleetdm.com/tables is udpated. Make sure the right-side bar in the query console in the Fleet is updated.

Engineering

• [ ] Database schema migrations: TODO
• [ ] Load testing: TODO

ℹ️  Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".

Context

• Requestor(s): _________________________

QA

Risk assessment

• Requires load testing: TODO
• Risk level: Low / High TODO
• Risk description: TODO

Manual testing steps

1. Step 1
2. Step 2
3. Step 3

Testing notes

Confirmation

1. [ ] Engineer (@____): Added comment to user story confirming successful completion of QA.
2. [ ] QA (@____): Added comment to user story confirming successful completion of QA.

Goal

[TODO

](https://msendpointmgr.com/2020/08/07/proactive-battery-replacement-with-endpoint-analytics/) so currently there's the battery table for mac.. and it's good. Windows 'kind of has something similar via WMI' but everybody hates WMI and you shouldn't expose it directly which you don't (half of it rce/actions not info) - however I suspect you might be able to make a custom table based on wmi maybe based on the battery class ? In terms why - well it helps to know to more proactively diag issues with the batteries for windows devices

How?

here's a sample powershell script https://msendpointmgr.com/2020/08/07/proactive-battery-replacement-with-endpoint-analytics/ unfortunately I don't know much about osq tables to comment Ps it's highly likely these are implementation specific per vendor or battery controller even but worth a look

• [ ]

[awx-vsyr]

ps i think the non surface specific class was https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-battery and potentially you have > 1 battery and potentially the expected values will be null like design capacity

[lukeheath]

@awx-vsyr Thank you for your suggestion! I'm assigning this issue to @zhumo to take a look at implementing this feature.

[noahtalerman]

Hey @zwass I think you mentioned that you had started working on Windows support for the battery table? Is that right?

If so, is there a separate fleetdm/fleet issue? I'm happy to transform this one into a user story that can track your work.

[zwass]

Yes, https://github.com/osquery/osquery/pull/8267

[noahtalerman]

Hey @awx-vsyr thanks for tracking this! I moved your original issue description here:

[TODO

](https://msendpointmgr.com/2020/08/07/proactive-battery-replacement-with-endpoint-analytics/) so currently there's the battery table for mac.. and it's good. Windows 'kind of has something similar via WMI' but everybody hates WMI and you shouldn't expose it directly which you don't (half of it rce/actions not info) - however I suspect you might be able to make a custom table based on wmi maybe based on the battery class ? In terms why - well it helps to know to more proactively diag issues with the batteries for windows devices

How? here's a sample powershell script https://msendpointmgr.com/2020/08/07/proactive-battery-replacement-with-endpoint-analytics/ unfortunately I don't know much about osq tables to comment Ps it's highly likely these are implementation specific per vendor or battery controller even but worth a look

[ ]

[noahtalerman]

Yes, https://github.com/osquery/osquery/pull/8267

@zwass nice! When do you think these changes will be included in an osquery release?

[noahtalerman]

When do you think these changes will be included in an osquery release?

Hey @zwass, just giving you an extra ping in case you missed the first!

[zwass]

This should go out in the next osquery release which I expect will be in the next couple weeks.

[noahtalerman]

@sharon-fdm heads up, Windows support for the battery table is going out in the next osquery release.

Zach's PR was merged: https://github.com/osquery/osquery/pull/8267

I assigned this story to you and moved it to "Settled."

Should we bring it straight to the :release board so that it goes through QA?

[sharon-fdm]

@noahtalerman SGTM. I moved it. cc: @xpkoala

[sharon-fdm]

Setting 1 point just for whatever we need for QA

[xpkoala]

Tested using osqueryd-channel=edge and getting accurate battery reports.

[noahtalerman]

Hey @sharon-fdm, have we pushed osquery 5.12 to stable?

[sharon-fdm]

@noahtalerman Not yet. We typically follow osquery website and it's still in draft (equivalent to our EDGE)

[noahtalerman]

Hey @eashaw, do we have to pull in the latest osquery schema to include docs changes for the battery table?

[eashaw]

@noahtalerman Yes, we will need to update the website to use the osquery 5.12 schema (when it is added to the osquery-site repo).

[noahtalerman]

Hey @dherder, this prospect request was included in the latest fleetd release 🎉

Leaving this issue open until we update the fleetdm.com/tables and the rightside bar in the Fleet UI: battery table is supported on Windows.

[rachaelshaw]

@eashaw new version of the schema was added to the osquery-site repo, we should be able to update the documentation now

[noahtalerman]

@eashaw new version of the schema was added to the osquery-site repo, we should be able to update the documentation now

@eashaw when you get the chance, can you please help us pull in the latest osquery schema? https://github.com/osquery/osquery-site/blob/source/src/data/osquery_schema_versions/5.12.1.json

[eashaw]

@noahtalerman Yes! The PR to update the version of osquery schema is here: https://github.com/fleetdm/fleet/pull/18890

[noahtalerman]

Thanks!

Table docs are updated: https://fleetdm.com/tables/battery

[fleet-release]

Windows hosts whisper, "Know our battery health, friend. Cloud city listens."