Top 24 osquery open source projects

Automate the creation of a lab environment complete with security tooling and logging best practices

Go bindings for osquery

The premier osquery fleet manager.

[EXPERIMENTAL] Extend osquery to report on Kubernetes

Fast and efficient osquery management

osquery extensions by Trail of Bits

Extension to osquery windows that enhances it with real-time telemetry, log monitoring and other endpoint data collection

🚀 Bring your favorite shell wherever you go through the ssh.

SIAC is an enterprise SIEM built on open-source technology.

Go app that dispatches osquery to multi-machines

Provide a shell like interface by utilizing osquery's distributed API

A community-oriented fork of osquery with support for cmake, public CI testing, and regular releases

A flexible control server for osquery fleets

A Chef Cookbook to install and configure osquery.

A repository for using osquery for incident detection and response

Zentral is an open-source solution for infrastructure monitoring and endpoint event stream processing. It provides build-in orchestration of macOS security components (Santa, Osquery, et-al.), event correlation and event management. It consolidates its features with various data store backends (ElasticStack, Azure Log Analytics, Splunk, et-al.).

Osquery launcher, autoupdater, and packager

Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe. https://github.com/adobe

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

Recon Hunt Queries

A starter-kit for a source-controlled, CLI-based osquery management workflow.

node.js client for osquery

A simple threat hunting tool based on osquery, Salt Open and Cymon API

[DEPRECATED] A quickstart demo for Kolide tools