Steampipe unbundled →
Steampipe Hub 
Hub
Plugins
turbot/duo
Overview
11Tables
Versions
GitHub
steampipe plugin install duo

Table: duo_phone - Query Duo Security Phones using SQL

Duo Security is a cloud-based security solution that verifies the identity of users and the health of their devices before granting them access to applications. It provides a two-factor authentication service to protect against account takeover and data theft. Duo Security helps you secure access to all applications, for any user and device, from anywhere.

Table Usage Guide

The duo_phone table provides insights into Phones within Duo Security. As a security engineer, explore phone-specific details through this table, including phone number, platform, and type. Utilize it to uncover information about phones, such as their status, the type of phone, and the platform it's running on.

Examples

List all phones

select
  number,
  extension,
  type,
  platform,
  model,
  phone_id
from
  duo_phone
order by
  number,
  extension;
select
  number,
  extension,
  type,
  platform,
  model,
  phone_id
from
  duo_phone
order by
  number,
  extension;

Phones and their users

select
  p.number,
  p.extension,
  u ->> 'username' as username
from
  duo_phone as p,
  jsonb_array_elements(p.users) as u
order by
  number,
  extension,
  username;
select
  p.number,
  p.extension,
  json_extract(u.value, '$.username') as username
from
  duo_phone as p,
  json_each(p.users) as u
order by
  number,
  extension,
  username;

Phones that are not yet activated

select
  number,
  extension,
  phone_id
from
  duo_phone
where
  not activated
order by
  number,
  extension;
select
  number,
  extension,
  phone_id
from
  duo_phone
where
  not activated
order by
  number,
  extension;

Phones by platform

select
  platform,
  count(*)
from
  duo_phone
group by
  platform
order by
  platform;
select
  platform,
  count(*)
from
  duo_phone
group by
  platform
order by
  platform;

Users of phones that have been tampered with

select
  u ->> 'username' as username,
  p.number,
  p.extension
from
  duo_phone as p,
  jsonb_array_elements(p.users) as u
where
  p.tampered = 'Tampered'
order by
  username,
  number,
  extension;
select
  json_extract(u.value, '$.username') as username,
  p.number,
  p.extension
from
  duo_phone as p,
  json_each(p.users) as u
where
  p.tampered = 'Tampered'
order by
  username,
  number,
  extension;

Users of phones without encryption

select
  u ->> 'username' as username,
  p.number,
  p.extension,
  p.encrypted
from
  duo_phone as p,
  jsonb_array_elements(p.users) as u
where
  p.encrypted is null
  or p.encrypted != 'Encrypted'
order by
  username,
  number,
  extension;
select
  json_extract(u.value, '$.username') as username,
  p.number,
  p.extension,
  p.encrypted
from
  duo_phone as p,
  json_each(p.users) as u
where
  p.encrypted is null
  or p.encrypted != 'Encrypted'
order by
  username,
  number,
  extension;

Schema for duo_phone

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
activatedbooleanHas this phone been activated for Duo Mobile yet?
capabilitiesjsonbList of strings, each a factor that can be used with the device: push, phone, sms, mobile_otp.
encryptedtextThe encryption status of an Android or iOS device file system. One of: Encrypted, Unencrypted, or Unknown. Blank for other platforms.
extensiontext=An extension, if necessary.
fingerprinttextWhether an Android or iOS phone is configured for biometric verification. One of: Configured, Disabled, or Unknown. Blank for other platforms.
modeltextThe phone's model.
nametextFree-form label for the phone.
numbertext=The phone number. A phone with a smartphone platform but no number is a tablet.
phone_idtext=The phone's ID.
platformtextThe phone platform. One of: 'unknown', 'google android', 'apple ios', 'windows phone 7', 'rim blackberry', 'java j2me', 'palm webos', 'symbian os', 'windows mobile', or 'generic smartphone'.
postdelaybigintThe time (in seconds) to wait after the extension is dialed and before the speaking the prompt.
predelaybigintThe time (in seconds) to wait after the number picks up and before dialing the extension.
screenlocktextWhether screen lock is enabled on an Android or iOS phone. One of: Locked, Unlocked, or Unknown. Blank for other platforms.
sms_passcodes_sentbooleanHave SMS passcodes been sent to this phone?
tamperedtextWhether an iOS or Android device is jailbroken or rooted. One of: Not Tampered, Tampered, or Unknown. Blank for other platforms.
typetextThe type of phone. One of: unknown, mobile, or landline.
usersjsonbList of users to which this phone belongs.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- duo

You can pass the configuration to the command with the --config argument:

steampipe_export_duo --config '<your_config>' duo_phone