osquery
Description:
SQL powered operating system instrumentation and analytics
Type: Cask  |  Latest Version: 5.21.0@0  |  Tracked Since: Dec 28, 2025
Links: Homepage  |  @osquery  |  formulae.brew.sh
Category: Security
Tags: security monitoring instrumentation sql endpoint compliance
Install: brew install --cask osquery
About:
osquery exposes an operating system as a high-performance relational database. This allows you to write SQL-based queries to explore system data and monitor for security and compliance issues. It enables deep visibility into endpoint infrastructure for threat detection and infrastructure analysis.
Key Features:
  • SQL-based interface for OS instrumentation
  • Real-time system monitoring and discovery
  • Performance and resource efficiency
  • Extensible via custom tables and plugins
  • Cross-platform support (Linux, macOS, Windows)
Use Cases:
  • Endpoint security monitoring and threat detection
  • Infrastructure asset inventory and compliance auditing
  • Incident response and forensic analysis
Alternatives:
  • GRR Rapid Response – Focuses on remote forensic and live analysis at scale
  • Wazuh – Provides SIEM/XDR capabilities with agent-based monitoring
Version History
Detected  |  Version  |  Rev  |  Change  |  Commit
Jan 11, 2026 10:14pm  |  5.21.0  |  0  |  VERSION_BUMP  |  b485f789
Sep 8, 2025 1:32am  |  5.19.0  |  0  |  VERSION_BUMP  |  75732917