Tables

Fleet uses osquery tables to query operating system, hardware, and software data. Each table provides specific data for analysis and filtering.

Apple

secureboot

Secure Boot UEFI Settings.

Column	Type	Description
description	text	(Apple Silicon) Human-readable description: 'Full Security', 'Reduced Security', or 'Permissive Security' *Not returned in `SELECT FROM secureboot`. Only available on macOS**
kernel_extensions	integer	(Apple Silicon) Allow user management of kernel extensions from identified developers (1 if allowed) *Not returned in `SELECT FROM secureboot`. Only available on macOS**
mdm_operations	integer	(Apple Silicon) Allow remote (MDM) management of kernel extensions and automatic software updates (1 if allowed) *Not returned in `SELECT FROM secureboot`. Only available on macOS**
secure_boot	integer	Whether secure boot is enabled
secure_mode	integer	(Intel) Secure mode: 0 disabled, 1 full security, 2 medium security *Not returned in `SELECT FROM secureboot`. Only available on macOS**
setup_mode	integer	Whether setup mode is enabled Only available on Linux and Windows

See the secure boot status (enabled or not) of Windows and Linux systems. You could create a policy looking for it to be set to 1.

SELECT secure_boot FROM secureboot;

Edit page

Ask us anything

Solutions Device management Orchestration Software management Integrations Pricing

Documentation Support Docs API Release notes Get your license

Company About Trust Jobs Logos/artwork Why open source?

SOC2 Type 2