Channels
# apple-silicon
# arm-architecture
# auditing-warroom
# aws
# code-review
# community-feeds
# core
# darkbytes
# doorman
# ebpf
# eclecticiq-polylogyx-extension
# extensions
# file-carving
# fim
# fleet
# foundation
# fuzzing
# general
# golang
# goquery
# infrastructure
# kolide
# linux
# macos
# officehours
# osctrl
# plugins
# process-auditing
# queryhub
# sql
# tls
# uptycs
# website
# windows
# zeek
# zercurity
Channels
- aHey Folks i noticed that osquery when you stop/restart it still locking files and cant start clean untill you kill that process.
Feb 26 09:37:33 osquery-1 systemd[1]: Stopping The osquery Daemon... Feb 26 09:37:33 os...8 Replies
1 year ago - tIs there any precedent for using osquery as a library/SDK directly? Looks like osquery’s build process is fairly rigidly defined to build an executable
(andosqueryd
is just a symbolic link to that).osqueryi4 Replies
1 year ago - dHello, there is no count change in the log results generated after the osquery difference query, does it mean that the log results are not stored in RocksDB? Why does this happen?
3 Replies
1 year ago - dHello, when I use osquery to monitor file integrity, the query log result often appears a duplicate paragraph. Have you ever encountered this kind of situation?
2 Replies
1 year ago - aHey folks i’m trying to get eventing properly but i always see these errors.
W0218 10:08:54.518049 1393 events.cpp:311] Expiring events for subscriber: user_events (overflowed limit 500000) W0218 10:10:09.537274 139...4 Replies
1 year ago - sI can create a query with SELECT and all of this but how do you schedule a event or scan to happen? do you have to install software like kolide?
2 Replies
1 year ago - cis there anything under the hood happening that might be undesirable by having a decorator query that could be failing 100% of the time on a given host?
4 Replies
1 year ago - bHi, I’d like to learn golang. What (free) course do you recommend? (I know c++, c, java and a little bit of python, batch and bash)
2 Replies
1 year ago 
Hi #general I am looking to build a query that can verify the chain of a certificate installed on the machine to verify it's a corporate asset. These are the two queries I've built, but I am not too sure it ...2 Replies
1 year ago
And I have another question: when I execute distributed query against osquery_schedule table, I see that on some servers there aren’t executions of scheduled queries. But on the other hand I get query results by syslog w...16 Replies
1 year ago