Osquery
Deploy Osquery with Elastic Agent, then run and schedule queries in Kibana. Osquery is an open-source tool that enables querying and monitoring of operating systems using SQL-like queries, aiding in security investigations and real-time system analysis.
Available Osquery integrations include:
- Osquery Logs: Collect logs from Osquery with Elastic Agent.
- Osquery Manager: Deploy Osquery with Elastic Agent, then run and schedule queries in Kibana.