Osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive. Osquery exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.Osquery queries your devices like a database. Osquery uses basic SQL commands to leverage a relational data-model to describe a device. Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process.

Features

  • Allows you to schedule queries to be executed across your entire infrastructure
  • Generates logs which indicate state changes in your infrastructure
  • It gives you a SQL interface to try out new queries and explore your operating system
  • Easy packaging and deploying custom osquery tools
  • Osquery's codebase is made up of high-performance, modular components
  • Language bindings exist for many languages using a Thrift interface

Project Samples

Osquery Screenshot 1 Osquery Screenshot 2 Osquery Screenshot 3

Project Activity

See All Activity >

Categories

Security, Network Monitoring, Logging

License

Apache License V2.0

Follow Osquery

Osquery Web Site

You Might Also Like
Relax: PRTG Monitors Your IT for You Icon
Relax: PRTG Monitors Your IT for You

Stay in control and avoid IT headaches. PRTG monitors your network, devices, and apps - receive alerts when it matters most.

You’re the go-to IT person, always putting out fires and keeping things running. With PRTG, you get reliable alerts to monitor your entire IT infrastructure, without the noise. Our intuitive setup gives you a clear overview of your network, devices, and applications in real time. Get instant alerts only when something needs your attention, whether you’re at your desk or on the move. Spend less time worrying about outages and more time focusing on what matters. Set up PRTG once and let it work for you - PRTG has you covered.
Start Your Free PRTG Trial Now
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of Osquery!

Additional Project Details

Operating Systems

FreeBSD, Linux, Mac, Windows

Programming Language

C, C++

Related Categories

C++ Security Software, C++ Network Monitoring Software, C++ Logging Software, C Security Software, C Network Monitoring Software, C Logging Software

Registered

2021-01-19
Report inappropriate content