
Guardicore osqueries collection for asset information, TH and compliance.


guardicode/osquery


Guardicore Insight

OSQuery is a sleek, intuitive, and powerful framework for faster and easier operating system instrumentation on Windows, OS X (macOS), Linux, and FreeBSD. It exposes an operating system as a high-performance relational database, so you can write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.

OSQueries · Report bug · Request feature · Explore OSQuery docs

## What's included

Within this repo you'll find the following directories and files, logically grouping common osquery tasks with other useful documentation and providing both compiled and minified variations of osquery selects. You'll see something like this:

```
osquery/
└── main/
    ├── osqueries/
    │   ├── asset_info.md
    │   ├── fim.md
    │   ├── threat_hunting.md
    │   └── compliance.md
    ├── docs
    └── issues/
        ├── bug_report.md
        └── feature_request.md
```
