Tables
Fleet uses osquery tables to query operating system, hardware, and software data. Each table provides specific data for analysis and filtering.
Apple
Linux
Windows
ChromeOS
osquery_info
osquery_info
Top level information about the running version of osquery.
| Column | Type | Description |
|---|---|---|
| build_distro | text | osquery toolkit platform distribution name (os version) |
| build_platform | text | osquery toolkit build platform |
| config_hash | text | Hash of the working configuration state Only available on macOS, Windows, and Linux |
| config_valid | integer | 1 if the config was loaded and considered valid, else 0 Only available on macOS, Windows, and Linux |
| extensions | text | osquery extensions status |
| instance_id | text | Unique, long-lived ID per instance of osquery Only available on macOS, Windows, and Linux |
| pid | integer | Process (or thread/handle) ID Only available on macOS, Windows, and Linux |
| platform_mask | integer | The osquery platform bitmask Only available on macOS, Windows, and Linux |
| start_time | integer | UNIX time in seconds when the process started Only available on macOS, Windows, and Linux |
| uuid | text | Unique ID provided by the system Only available on macOS, Windows, and Linux |
| version | text | osquery toolkit version |
| watcher | integer | Process (or thread/handle) ID of optional watcher process Only available on macOS, Windows, and Linux |
Example
See the version of the currently running osquery.
SELECT version FROM osquery_info; Notes
- On ChromeOS, this table requires the fleetd Chrome extension.
Edit page
Ask us anything
Questions?
SOC2 Type 2
© 2025 Fleet Inc.
Privacy
