OSQuery and Kolide Fleet


I had never heard of OSQuery till I saw this article, but it’s actually pretty cool. It basically gives you SQL capability to search anything in the OS, and displays the results as tables of fields and relations. This turns things like looking at your sudoers list (very painful, by the way) into a task that is easy to read and follow.
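As an added example (not from the original post or the osquery project), here is what the sudoers case looks like as an osquery query: it lists rules that grant passwordless sudo and joins against the `users` table to show whether each entry names a local account. The `NOPASSWD` filter and the output column aliases are choices made for this illustration.

```sql
-- Added example: audit passwordless sudo rules with osquery.
-- Uses osquery's built-in `sudoers` and `users` tables.
SELECT
  s.source,                          -- file the rule was read from
  s.header        AS principal,      -- user, %group, or alias the rule applies to
  CASE
    WHEN substr(s.header, 1, 1) = '%' THEN 'group'
    WHEN u.username IS NOT NULL       THEN 'local user'
    ELSE 'other (alias or non-local name)'
  END             AS principal_type,
  u.uid,
  u.shell,
  s.rule_details                     -- the rest of the sudoers line
FROM sudoers AS s
LEFT JOIN users AS u
  ON u.username = s.header           -- NULL uid/shell when no local account matches
WHERE s.rule_details LIKE '%NOPASSWD%'
ORDER BY s.source, principal;
```

Run it in `osqueryi` with root privileges, since the sudoers files are not world-readable.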

Kolide Fleet is a nice front-end made to use OSQuery and make it a bit more approachable. For you Sys-Admins out there, this could really be a useful tool in your belt. It works on Linux, Mac, and yes, even Windows.