Solutions
Device management
Remotely manage, and protect laptops and mobile devices.
Orchestration
Automate tasks across devices, from app installs to scripts.
Software management
Inventory, patch, and manage installed software.
Infrastructure as code
See every change, undo any error, repeat every success.
Extend Fleet
Integrate your favorite tools with Fleet.
Customers
Pricing
More
Device management
Remotely manage, and protect laptops and mobile devices.
Orchestration
Automate tasks across devices, from app installs to scripts.
Software management
Inventory, patch, and manage installed software.
Infrastructure as code
See every change, undo any error, repeat every success.
Extend Fleet
Integrate your favorite tools with Fleet.
Tables
Fleet uses osquery tables to query operating system, hardware, and software data. Each table provides specific data for analysis and filtering.
Apple
Linux
Windows
ChromeOS
file_events
file_events EVENTED TABLE
Track time/action changes to files specified in configuration data.
| Column | Type | Description |
|---|---|---|
| action | text | Change action (UPDATE, REMOVE, etc) |
| atime | bigint | Last access time |
| category | text | The category of the file defined in the config |
| ctime | bigint | Last status change time |
| eid | text | Event ID Not returned in SELECT * FROM file_events. |
| gid | bigint | Owning group ID |
| hashed | integer | 1 if the file was hashed, 0 if not, -1 if hashing failed |
| inode | bigint | Filesystem inode number |
| md5 | text | The MD5 of the file after change |
| mode | text | Permission bits |
| mtime | bigint | Last modification time |
| sha1 | text | The SHA1 of the file after change |
| sha256 | text | The SHA256 of the file after change |
| size | bigint | Size of file in bytes |
| target_path | text | The path associated with the event |
| time | bigint | Time of file event |
| transaction_id | bigint | ID used during bulk update |
| uid | bigint | Owning user ID |
Questions?
SOC2 Type 2
