Hello I am new to OSQuery and was wondering how does OSQuery

Question

Hello I am new to OSQuery and was wondering how does OSQuery gather information from the operating system Sorry if this is a silly question

terracatta · Answer

Hi Chaz this is not a silly question and it s a big reason why people choose osquery Osquery obtains OS information by interpreting the user s SQL query and converting that to a native API call to gather that data It then pulls all that info together and sends the results back as if they were coming from a DB but in reality they are coming live directly from the OS itself

terracatta · Answer

Osquery is written primarily in C++ Objective C so it can call macOS Windows and Linux APIs as natively as possible which results in the lowest impact to performance

Chaz Roman · Answer

Thank you That answers it for me appreciate it very much

terracatta · Answer

Of course happy to help