SQL powered operating system instrumentation, monitoring, and analytics (github.com/osquery)
58 points by gzel 32 days ago | 7 comments



Readers may also enjoy Steampipe [1], an open source tool to live query 140+ services with SQL (e.g. AWS, GitHub, CSV, Kubernetes, etc). It uses Postgres Foreign Data Wrappers under the hood and supports joins etc with other tables. (Disclaimer - I'm a lead on the project.)

1 - https://github.com/turbot/steampipe


Heh, I actually came to these comments to link that since this reminded me of it as well! Love the project :)


meta comment, but gotta say I'm loving the marked uptick in sql stories on HN recently. SQL is getting trendy again. Great :)


I thought NoSQL was supposed to take over? Noooooooo :( why learn complex queries when I can spawn unstructured and unrelated json blobs? It's easier! Or so I was told?


If you're looking at this, you might want to also look at fleetdm (https://github.com/fleetdm/fleet), from which hosts that have osquery installed can be queried.


We use FleetDM extensively. The community version is a bit limited (and I'm too lazy to close all those Jira tickets coming from the integration) but it's really a big help.

- Get all laptops with failing batteries - done
- Sweep the endpoints for any indicators of suspicious activity (if you know what you're looking for) - done
- Monitor policy compliance (or stuff like the /boot partition filling) - done

It will never replace a true monitoring solution (like Grafana+Prometheus), but we don't need that on endpoints.
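The three use cases above map directly onto osquery's SQL schema. The queries below are an added illustration, not the commenter's or the Fleet project's own code; table and column names (`battery`, `mounts`, `processes`, `listening_ports`) follow osquery's published schema, the threshold values are constructed for the example, and the `health`/`condition` strings are assumed to match what macOS reports (the `battery` table is not available on every platform or osquery version).

```sql
-- 1. Laptops with failing batteries.
--    Flags a battery whose remaining full-charge capacity has dropped below
--    80% of its design capacity (constructed threshold), or whose OS-reported
--    health/condition is no longer nominal (assumed macOS values).
SELECT
  manufacturer,
  model,
  cycle_count,
  designed_capacity,
  max_capacity,
  (max_capacity * 100) / designed_capacity AS capacity_pct,
  health,
  condition
FROM battery
WHERE (max_capacity * 100) / designed_capacity < 80
   OR health != 'Good'
   OR condition != 'Normal';

-- 2. Sweep for an indicator of suspicious activity: a running process whose
--    executable has been removed from disk (on_disk = 0), joined with any
--    port that process is listening on. Deleted-on-disk binaries are a common
--    defensive hunting signal; the join gives the responder a network context.
SELECT
  p.pid,
  p.name,
  p.path,
  p.cmdline,
  p.uid,
  lp.port,
  lp.protocol,
  lp.address
FROM processes AS p
LEFT JOIN listening_ports AS lp ON lp.pid = p.pid
WHERE p.on_disk = 0
ORDER BY p.pid;

-- 3. Policy / capacity compliance: /boot filling up.
--    Free space is computed from block counts so the query works regardless of
--    block size; 15% free is a constructed alerting threshold.
SELECT
  path,
  device,
  type,
  (blocks_available * blocks_size) / (1024 * 1024) AS free_mb,
  (blocks_available * 100) / blocks AS free_pct
FROM mounts
WHERE path = '/boot'
  AND (blocks_available * 100) / blocks < 15;
```

Any of these can be run ad hoc in `osqueryi` for a single host, or scheduled through Fleet as a policy (query 3) or a live query across a fleet (queries 1 and 2). A policy is just a query whose result rows mean "non-compliant", so the `WHERE` clause should describe the failing state, as above, rather than the healthy one.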


Wasn't this the concept behind WMI?



