Uptycs Blog

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you’ll enjoy our blog enough to subscribe and share.

Using Augeas with osquery: How to access configuration files from hundreds of applications

Using Augeas with osquery: How to access configuration files from hundreds of applications

Osquery is a powerful tool that allows you to investigate and monitor a myriad of endpoint activity, status, and configuration information through a unified SQL interface. Inside osquery, there's typically a 1:1 correspondence between a source of information and the SQL table you can use to browse or search this information. Some sources of information include parts of the /proc file system, API calls to container daemons, reading logs or status files on disk, and event streams coming from the Linux audit frame.