Hi everyone, is there any way to read query results from osquery socket directly? Right now I'm using Kafka, but checking if there's a way to use a socket in a same way.
s
seph
5 months ago
Sort of. You can use distributed queries over the socket and read the response. (This may not be what you want)You can write an extension that registers itself as a logger, and then you can use it
s
slevchenko
5 months ago
Thanks. Now Kafka not seem such an overkill 😃
s
seph
5 months ago
It all depends on what you're doing with the data. If you have a lot of machines and you're consolidating the data, Kafka isn't a bad choice.
