What is osquery?
Osquery is a an open-source, cross-platform agent that turns your operating system into a virtual database, letting you leverage the power of the SQL language to ask anything from your system. Over 200 tables let you understand what processes are running, what users are logged in, where the machine is connected, what files are on disk and much, much more. Due to its flexibility and power, it makes an amazing tool for threat hunting, security monitoring, and even IT operations.
What is cloudquery?
cloudquery is an osquery extension that allows IT, security, and DevOps teams to fetch cloud telemetry from AWS, GCP, and Azure. It is extensible so that one can add support for new tables easily, and configurable so that one can change the table schema as well.
Common use cases are security and compliance.
Find out more about cloudquery via GitHub.
osquery vs cloudquery
Cloudquery is an extension of osquery, not a replacement. You should install osquery on each endpoint to collect endpoint data and deploy cloudquery in each of your cloud environments to collect cloud data.