Uptycs Blog

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you’ll enjoy our blog enough to subscribe and share.

Ryan Mack

Ryan Mack

Ryan is Director of Engineering at Uptycs, where he enjoys bouncing around between kernel code, data pipelines, and even compilers to provide comprehensive security for container workloads, from build-time through large-scale production deployment. Prior to Uptycs, Ryan built teams solving exabyte-scale data challenges and scaling globally-distributed compute clusters at Facebook.

Using Augeas with osquery: How to access configuration files from hundreds of applications

Using Augeas with osquery: How to access configuration files from hundreds of applications

Osquery is a powerful tool that allows you to investigate and monitor a myriad of endpoint activity, status, and configuration information through a unified SQL interface. Inside osquery, there's typically a 1:1 correspondence between a source of information and the SQL table you can use to browse or search this information. Some sources of information include parts of the /proc file system, API calls to container daemons, reading logs or status files on disk, and event streams coming from the Linux audit frame.