Facebook's osquery

alias454alias454 Member Posts: 648 ■■■■□□□□□□
in Off-Topic
I just came across this last week and thought it looked interesting. I guess it has been out for over a year and I want to know if anyone else has deployed this in dev, tst, or prd environments?

https://osquery.readthedocs.io/en/stable/
“I do not seek answers, but rather to understand the question.”
· Share on FacebookShare on Twitter

Comments

  • VeritiesVerities Member Posts: 1,162
    That's an impressive free tool, nice documentation, and even addresses the first thing I thought of..performance:

    "The osquery tooling provides a full-featured profiling script. The script can evaluate table, query, and scheduled query performance on a system. Before scheduling a set of queries on your enterprise hosts, it is best practice to measure the expected performance impact"

    I'll have to try this out next week. Thanks for posting this.
    · Share on FacebookShare on Twitter
  • alias454alias454 Member Posts: 648 ■■■■□□□□□□
    Did you ever get a chance to play around? I finally got a system stood up and can see some opportunities. I already sold a couple of the other admins on some ideas so now I have to develop a poc.
    “I do not seek answers, but rather to understand the question.”
    · Share on FacebookShare on Twitter
  • VeritiesVerities Member Posts: 1,162
    No...I forgot about it. I'm glad you resurrected this because I still want to see how useful it is.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.