Install osquery on Ubuntu 14.04

Today on iThePro we are going to see how to install osquery on Ubuntu 14.04 and work with it.

Osquery -
Osquery allows you to easily ask questions about your Linux and OSX infrastructure. Whether your goal is intrusion detection, infrastructure reliability, or compliance, osquery gives you the ability to empower and inform a broad set of organizations within your company.

Like a DBMS (MySQL, PostgreSQL, ...), osquery presents information in the form of tables and events. Tables are equivalent to SQL/SQLite tables except they generate data at query time. When you run select * from time; the result will be the current time! Events are a bit more complicated, but essentially osquery logs operating system events in real time so that tables can emit the real-time results when the next appropriate query runs.

See this demonstration video on how to install and use osquery on Ubuntu.




Oussama Amri, 21 years old, security professional from Tunisia. Lover of computer science, especially programming and security.
