Tables

Fleet uses osquery tables to query operating system, hardware, and software data. Each table provides specific data for analysis and filtering.

Apple

osquery_info

Top level information about the running version of osquery.

Column	Type	Description
build_distro	text	osquery toolkit platform distribution name (os version)
build_platform	text	osquery toolkit build platform
config_hash	text	Hash of the working configuration state Only available on macOS, Windows, and Linux
config_valid	integer	1 if the config was loaded and considered valid, else 0 Only available on macOS, Windows, and Linux
extensions	text	osquery extensions status
instance_id	text	Unique, long-lived ID per instance of osquery Only available on macOS, Windows, and Linux
pid	integer	Process (or thread/handle) ID Only available on macOS, Windows, and Linux
platform_mask	integer	The osquery platform bitmask Only available on macOS, Windows, and Linux
start_time	integer	UNIX time in seconds when the process started Only available on macOS, Windows, and Linux
uuid	text	Unique ID provided by the system Only available on macOS, Windows, and Linux
version	text	osquery toolkit version
watcher	integer	Process (or thread/handle) ID of optional watcher process Only available on macOS, Windows, and Linux

See the version of the currently running osquery.

SELECT version FROM osquery_info;

Edit page

Ask us anything

Solutions Device management Orchestration Software management Integrations Pricing

Documentation Support Docs API Release notes Get your license

Company About Trust Jobs Logos/artwork Why open source?

SOC2 Type 2