OSQuery Training

What is OSQuery?


Last updated 3 years ago

OSQuery is an open-source service that lets its users inspect device details using basic SQL commands. It was created by Meta, formerly known as Facebook. To learn more about what this service does, visit their website.

Using OSQuery, users can find many details about the machine it is installed on, such as who currently has a session on the box, which services are currently running without binaries associated with them, which mounted disks are encrypted, and tons more, all using SQL queries!
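The three lookups mentioned above, written as queries for the osqueryi shell. This is an added example, not part of the original training material. It uses tables from osquery's standard schema, reads "running without a binary" as a process whose executable is no longer on disk, and the disk query assumes macOS or Linux (Windows exposes this through the bitlocker_info table instead).

```sql
-- Added example: run each statement in osqueryi.

-- 1. Who currently has a session on the box?
SELECT user,
       tty,
       host,                                   -- remote host, empty for local logins
       type,
       datetime(time, 'unixepoch') AS login_time_utc
FROM logged_in_users
ORDER BY time DESC;

-- 2. What is running without a binary on disk?
--    on_disk = 0 means the executable path recorded for the process
--    no longer exists (1 = present, -1 = unknown).
SELECT p.pid,
       p.name,
       p.path,
       p.cmdline,
       u.username
FROM processes AS p
LEFT JOIN users AS u ON u.uid = p.uid
WHERE p.on_disk = 0;

-- 3. Which mounted disks are encrypted? (macOS / Linux)
--    LEFT JOIN keeps mounts that have no disk_encryption row,
--    so a NULL in "encrypted" means no encryption data was reported.
SELECT m.path   AS mount_point,
       m.device,
       de.encrypted,                           -- 1 = encrypted, 0 = not encrypted
       de.type  AS encryption_type
FROM mounts AS m
LEFT JOIN disk_encryption AS de ON de.name = m.device_alias
WHERE m.device LIKE '/dev/%'                   -- skip pseudo filesystems (proc, tmpfs, ...)
ORDER BY m.path;
```

An empty result from the second query is the expected state on a healthy host; any row it returns is worth checking against the process's parent and command line.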

OSQuery is compatible with Windows, macOS, CentOS, FreeBSD, and almost every Linux OS. This service also has no dependencies, making it extremely convenient and easy to install! Below are install guides for different operating systems.
