users introduction

Using osqueryi

Using osqueryd

osqueryd is the host monitoring daemon which is included with osquery. Running osqueryd --help will surface some interesting configurable options. As of October 1, 2014, the configurable options are as follows:

$ osqueryd --help

  osqueryd
    --help, -h            Print help and usage information

    --config_retriever    The config plugin to use (ex: filesystem, http)
                            Default: filesystem

    --config_path         If using the filesystem config plugin, the path where
                          your osquery JSON config file can be found
                            Default: /var/osquery/osquery.conf

    --log_receiver        The logger plugin to use (ex: filesystem, scribe)
                            Default: filesystem

    --log_dir             The directory which you would like to store your
                          output logs
                            Default: /var/log/osquery/

    -v                    Increase output verbosity
                            Example: -v=3

For detailed information on how you should configure options like log_dir and log_receiver, check out the logging options guide.

For detailed information on how you should configure options like config_path and config_retriever, check out the config options guide.

Philosophy

http://osquery.rtfd.org

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

users introduction

Using osqueryi

Using osqueryd

Philosophy

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally