Osquery

Deploy Osquery with Elastic Agent, then run and schedule queries in Kibana. Osquery is an open-source tool that enables querying and monitoring of operating systems using SQL-like queries, aiding in security investigations and real-time system analysis.

Available Osquery integrations include:

  • Osquery Logs: Collect logs from Osquery with Elastic Agent.
  • Osquery Manager: Deploy Osquery with Elastic Agent, then run and schedule queries in Kibana.