Let's start using our Google group for long-form questions so that we can leave issues for implementation tasks.
osquery is an operating system instrumentation framework for OS X and Linux. The tools make low-level operating system analytics and monitoring both performant and intuitive.
osquery exposes an operating system as a high-performance relational database. This allows you to write SQL-based queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.
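The queries below are an added illustration of the "operating system as a relational database" idea and are not part of the osquery README or project code. They use real osquery tables (processes, listening_ports, kernel_modules, hash) and their documented columns; kernel_modules is Linux-only and the availability of a column such as processes.on_disk depends on platform and version. They are meant to be pasted into osqueryi or scheduled in osqueryd.

```sql
-- Added example queries, not from the osquery README.
-- Tables and columns are osquery's own; the sample output columns are not.

-- 1. Which processes are listening on which TCP ports?
--    The abstract "process" and "socket" concepts join like ordinary tables.
SELECT p.pid, p.name, p.path, lp.port, lp.address
FROM listening_ports AS lp
JOIN processes AS p ON p.pid = lp.pid
WHERE lp.protocol = 6          -- 6 = TCP, 17 = UDP
  AND lp.port <> 0
ORDER BY lp.port;

-- 2. Running processes whose executable is no longer present on disk
--    (a binary deleted after launch is worth a second look in triage).
SELECT pid, name, path, cmdline, uid
FROM processes
WHERE on_disk = 0;

-- 3. Loaded kernel modules, largest first (Linux only).
SELECT name, size, used_by, status
FROM kernel_modules
ORDER BY size DESC
LIMIT 10;

-- 4. Hash the binary behind every listening process so the result can be
--    compared against an allowlist or a threat-intel feed. The hash table
--    is computed on demand, so the join is what triggers hashing.
SELECT DISTINCT p.path, h.sha256
FROM listening_ports AS lp
JOIN processes AS p ON p.pid = lp.pid
JOIN hash AS h ON h.path = p.path
WHERE p.path <> '';
```

Each query is read-only and can be run ad hoc in osqueryi; the same statements placed in an osqueryd schedule turn into periodic monitoring, with osqueryd logging only the rows that changed between runs.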
Getting Started
If you're interested in installing osquery, check out the install guide for OS X and Linux.
If you're interested in deploying osquery to provide your organization with deeper insight into your Linux and OS X hosts, check out the using osqueryd guide. If you're interested in performing ad-hoc queries, check out using osqueryi.
If you're interested in extending one of the existing osquery products or improving core libraries, read the developer documentation pages. You should start with "building the code" and "contributing code".
If you're interested in using osquery's functionality in your own tool, check out the osquery SDK.
Getting help
If any part of osquery isn't working as expected, please create a GitHub Issue.
Keep in touch with osquery developers and users in #osquery on freenode.
If you have long-form questions, please email osquery@googlegroups.com.