Fleet logo
Menu An icon indicating that interacting with this button will open the navigation menu.
Fleet logo An 'X' icon indicating that this can be interacted with to close the navigation menu.
Device management + MDM Orchestration + monitoring Software management + CVEs, usage, app library Integrations
Docs
Stories
What people are saying News Ask around Take a tour Meetups COMPANY Origins   (Fleet & osquery) The handbook Logos/artwork Why open source?
Pricing Try it yourself

Tables

Fleet uses osquery tables to query operating system, hardware, and software data. Each table provides specific data for analysis and filtering.

macOS Apple

Linux Linux

Windows Windows

Chrome ChromeOS

services

click to open the table of contents
Windows logo

services

Lists all installed Windows services and their relevant data.

Column Type Description
description text Service Description
display_name text Service Display name
module_path text Path to ServiceDll
name text Service name
path text Path to Service Executable
pid integer the Process ID of the service
service_exit_code integer The service-specific error code that the service returns when an error occurs while the service is starting or stopping
service_type text Service Type: OWN_PROCESS, SHARE_PROCESS and maybe Interactive (can interact with the desktop)
start_type text Service start type: BOOT_START, SYSTEM_START, AUTO_START, DEMAND_START, DISABLED
status text Service Current status: STOPPED, START_PENDING, STOP_PENDING, RUNNING, CONTINUE_PENDING, PAUSE_PENDING, PAUSED
user_account text The name of the account that the service process will be logged on as when it runs. This name can be of the form Domain\UserName. If the account belongs to the built-in domain, the name can be of the form .\UserName.
win32_exit_code integer The error code that the service uses to report an error that occurs when it is starting or stopping

Example

select * from services
Edit page

Questions?

Ask us anything
{{table.title}} evented table