osquery

SQL-Powered Operating System Instrumentation & Monitoring

Your IP Address

Scan your IP or subnet for security analysis

Execute SQL Query

Query your operating system using SQL. Access processes, users, network connections, and more.

SQL Query Only SELECT queries are allowed. Timeout: 30 seconds

Query Templates

Pre-built queries for common security and system analysis tasks

Loading templates...

Available Tables

Browse available osquery tables and their schemas

Loading tables...

About osquery

What is osquery?

osquery is an operating system instrumentation framework that exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data.

Example Queries

List processes: SELECT * FROM processes;
Network connections: SELECT * FROM process_open_sockets;
User accounts: SELECT * FROM users;
Listening ports: SELECT * FROM listening_ports;

Security Features

Read-only queries (no system modification)
Query timeout limits
Table access whitelist
Full audit logging