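osquery is a SQL-driven tool for analyzing and monitoring operating systems: an operating system analytics framework that supports OS X and Linux. osquery helps with low-level operating system monitoring and analysis and makes performance monitoring more intuitive.
osquery presents the operating system as a high-performance relational database, letting you write SQL-based queries to explore operating system data.
New in osquery 2.7.0: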
FSEvents on macOS will monitor mount events within already-monitored directories
OpenBMC events are monitored as process_events on macOS
Add RapidJSON integration as a boost property tree replacement
Implement excluded paths for FIM for Linux and macOS
Release details: https://github.com/facebook/osquery/releases
Download: https://github.com/facebook/osquery/archive/2.7.0.zip
Source: OSChina community

