GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → osquery → Osquery

osquery / Osquery

Licence: other
SQL powered operating system instrumentation, monitoring, and analytics.

Programming Languages

C++
36643 projects - #6 most used programming language
c
50402 projects - #5 most used programming language
CMake
9771 projects
python
139335 projects - #7 most used programming language
Objective-C++
1391 projects
powershell
5483 projects

Labels

hacktoberfestsecuritysqlmonitoringintrusion-detection

Projects that are alternatives of or similar to Osquery

Osquery Extensions
osquery extensions by Trail of Bits
Stars: ✭ 180 (-99.03%)
Mutual labels:  sql, monitoring, intrusion-detection
Osql Experimental
A community-oriented fork of osquery with support for cmake, public CI testing, and regular releases
Stars: ✭ 62 (-99.66%)
Mutual labels:  sql, monitoring, intrusion-detection
Monitor Adgroupmembership
PowerShell script to monitor Active Directory groups and send an email when someone is changing the membership
Stars: ✭ 190 (-98.97%)
Mutual labels:  hacktoberfest, monitoring
Trilogy
TypeScript SQLite layer with support for both native C++ & pure JavaScript drivers.
Stars: ✭ 195 (-98.94%)
Mutual labels:  hacktoberfest, sql
Bobby Tables
bobby-tables.com, the site for preventing SQL injections
Stars: ✭ 220 (-98.81%)
Mutual labels:  hacktoberfest, sql
Django Sql Explorer
Easily share data across your company via SQL queries. From Grove Collab.
Stars: ✭ 1,958 (-89.4%)
Mutual labels:  hacktoberfest, sql
Fselect
Find files with SQL-like queries
Stars: ✭ 3,103 (-83.2%)
Mutual labels:  hacktoberfest, sql
Graphite exporter
Server that accepts metrics via the Graphite protocol and exports them as Prometheus metrics
Stars: ✭ 217 (-98.83%)
Mutual labels:  hacktoberfest, monitoring
My Internet Speed
🛎️ Monitor the speed your ISP is delivering
Stars: ✭ 118 (-99.36%)
Mutual labels:  hacktoberfest, monitoring
Questdb
An open source SQL database designed to process time series data, faster
Stars: ✭ 7,544 (-59.17%)
Mutual labels:  sql, monitoring
Clickhouse
ClickHouse® is a free analytics DBMS for big data
Stars: ✭ 21,089 (+14.15%)
Mutual labels:  hacktoberfest, sql
Programming
Code a program in a language of your choice.
Stars: ✭ 269 (-98.54%)
Mutual labels:  hacktoberfest, sql
Promster
⏰A Prometheus exporter for Hapi, express and Marble.js servers to automatically measure request timings 📊
Stars: ✭ 146 (-99.21%)
Mutual labels:  hacktoberfest, monitoring
Sqlcell
SQLCell is a magic function for the Jupyter Notebook that executes raw, parallel, parameterized SQL queries with the ability to accept Python values as parameters and assign output data to Python variables while concurrently running Python code. And *much* more.
Stars: ✭ 145 (-99.22%)
Mutual labels:  hacktoberfest, sql
Exceptionless
Exceptionless server and jobs
Stars: ✭ 2,107 (-88.6%)
Mutual labels:  hacktoberfest, monitoring
Dumpling
Dumpling is a fast, easy-to-use tool written by Go for dumping data from the database(MySQL, TiDB...) to local/cloud(S3, GCP...) in multifarious formats(SQL, CSV...).
Stars: ✭ 134 (-99.27%)
Mutual labels:  hacktoberfest, sql
Librenms
Community-based GPL-licensed network monitoring system
Stars: ✭ 2,567 (-86.11%)
Mutual labels:  hacktoberfest, monitoring
Spidermon
Scrapy Extension for monitoring spiders execution.
Stars: ✭ 309 (-98.33%)
Mutual labels:  hacktoberfest, monitoring
Grafana
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
Stars: ✭ 45,930 (+148.61%)
Mutual labels:  hacktoberfest, monitoring
Openitcockpit
openITCOCKPIT is an Open Source system monitoring tool built for different monitoring engines like Nagios, Naemon and Prometheus.
Stars: ✭ 108 (-99.42%)
Mutual labels:  hacktoberfest, monitoring
View All Similar Projects ➔

osquery

osquery logo

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework.
Available for Linux, macOS, Windows, and FreeBSD.

Information and resources

What is osquery?

osquery exposes an operating system as a high-performance relational database. This allows you to write SQL-based queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.

SQL tables are implemented via a simple plugin and extensions API. A variety of tables already exist and more are being written: https://osquery.io/schema. To best understand the expressiveness that is afforded to you by osquery, consider the following SQL queries:

List the users:

SELECT * FROM users;

Check the processes that have a deleted executable:

SELECT * FROM processes WHERE on_disk = 0;

Get the process name, port, and PID, for processes listening on all interfaces:

SELECT DISTINCT processes.name, listening_ports.port, processes.pid
  FROM listening_ports JOIN processes USING (pid)
  WHERE listening_ports.address = '0.0.0.0';

Find every macOS LaunchDaemon that launches an executable and keeps it running:

SELECT name, program || program_arguments AS executable
  FROM launchd
  WHERE (run_at_load = 1 AND keep_alive = 1)
  AND (program != '' OR program_arguments != '');

Check for ARP anomalies from the host's perspective:

SELECT address, mac, COUNT(mac) AS mac_count
  FROM arp_cache GROUP BY mac
  HAVING count(mac) > 1;

Alternatively, you could also use a SQL sub-query to accomplish the same result:

SELECT address, mac, mac_count
  FROM
    (SELECT address, mac, COUNT(mac) AS mac_count FROM arp_cache GROUP BY mac)
  WHERE mac_count > 1;

These queries can be:

  • performed on an ad-hoc basis to explore operating system state using the osqueryi shell
  • executed via a scheduler to monitor operating system state across a set of hosts
  • launched from custom applications using osquery Thrift APIs

Download & Install

To download the latest stable builds and for repository information and installation instructions visit https://osquery.io/downloads.

We use a simple numbered versioning scheme X.Y.Z, where X is a major version, Y is a minor, and Z is a patch. We plan minor releases roughly every two months. These releases are tracked on our Milestones page. A patch release is used when there are unforeseen bugs with our minor release and we need to quickly patch. A rare 'revision' release might be used if we need to change build configurations.

Major, minor, and patch releases are tagged on GitHub and can be viewed on the Releases page. We open a new Release Checklist issue when we prepare a minor release. If you are interested in the status of a release, please find the corresponding checklist issue, and note that the issue will be marked closed when we are finished the checklist. We consider a release 'in testing' during the period of hosting new downloads on our website and adding them to our hosted repositories. We will mark the release as 'stable' on GitHub when enough testing has occurred, this usually takes two weeks.

Build from source

Building osquery from source is encouraged! Check out our build guide. Also check out our contributing guide and join the community on Slack.

License

By contributing to osquery you agree that your contributions will be licensed as defined on the LICENSE file.

Vulnerabilities

We keep track of security announcements in our tagged version release notes on GitHub. We aggregate these into SECURITY.md too.

Learn more

The osquery documentation is available online. Documentation for older releases can be found by version number, as well.

If you're interested in learning more about osquery read the launch blog post for background on the project, visit the users guide.

Development and usage discussion is happening in the osquery Slack, grab an invite here!

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].