Solutions
Device management
Remotely manage, and protect laptops and mobile devices.
Orchestration
Automate tasks across devices, from app installs to scripts.
Software management
Inventory, patch, and manage installed software.
Infrastructure as code
See every change, undo any error, repeat every success.
Extend Fleet
Integrate your favorite tools with Fleet.
Customers
Pricing
More
Device management
Remotely manage, and protect laptops and mobile devices.
Orchestration
Automate tasks across devices, from app installs to scripts.
Software management
Inventory, patch, and manage installed software.
Infrastructure as code
See every change, undo any error, repeat every success.
Extend Fleet
Integrate your favorite tools with Fleet.
Tables
Fleet uses osquery tables to query operating system, hardware, and software data. Each table provides specific data for analysis and filtering.
Apple
Linux
Windows
ChromeOS
authorizations
authorizations
macOS Authorization rights database.
| Column | Type | Description |
|---|---|---|
| allow_root | text | Label top-level key |
| authenticate_user | text | Label top-level key |
| class | text | Label top-level key |
| comment | text | Label top-level key |
| created | text | Label top-level key |
| label | text | Item name, usually in reverse domain format |
| modified | text | Label top-level key |
| session_owner | text | Label top-level key |
| shared | text | Label top-level key |
| timeout | text | Label top-level key |
| tries | text | Label top-level key |
| version | text | Label top-level key |
Example
See macOS authorizations that have been modified since their creation. Useful for threat hunting.
SELECT * FROM authorizations WHERE created!=modified;Questions?
SOC2 Type 2
