10 Pitfalls on The Path to Osquery Bliss

Slides and video from the talk at QueryCon 2019

Examples and solutions for 10 common osquery problems.

  1. User context when executing queries.
  2. Order of tables in JOIN can be significant.
  3. Large files and the --read_max flag.
  4. JSON escaping and query packs.
  5. CLI flags vs. configuration options.
  6. Understanding schedule intervals.
  7. Events in osqueryd and osqueryi.
  8. Tuning event expiration flags.
  9. Event publisher status.
  10. Identifying expensive queries.

Download PDF

Work with the experts to craft your open-source security strategy. Contact us to arrange a consultation.

Related Content