Solutions
Device management
Remotely manage, and protect laptops and mobile devices.
Orchestration
Automate tasks across devices, from app installs to scripts.
Software management
Inventory, patch, and manage installed software.
Fleet Gitops
See every change, undo any error, repeat every success.
Extend Fleet
Integrate your favorite tools with Fleet.
Customers
Pricing
More
Device management
Remotely manage, and protect laptops and mobile devices.
Orchestration
Automate tasks across devices, from app installs to scripts.
Software management
Inventory, patch, and manage installed software.
Fleet Gitops
See every change, undo any error, repeat every success.
Extend Fleet
Integrate your favorite tools with Fleet.
Tables
Fleet uses osquery tables to query operating system, hardware, and software data. Each table provides specific data for analysis and filtering.
Apple
Linux
Windows
ChromeOS
windows_events
windows_events EVENTED TABLE
Windows Event logs.
| Column | Type | Description |
|---|---|---|
| computer_name | text | Hostname of system where event was generated |
| data | text | Data associated with the event |
| datetime | text | System time at which the event occurred |
| eid | text | Event ID Not returned in SELECT * FROM windows_events. |
| eventid | integer | Event ID of the event |
| keywords | text | A bitmask of the keywords defined in the event |
| level | integer | The severity level associated with the event |
| provider_guid | text | Provider guid of the event |
| provider_name | text | Provider name of the event |
| source | text | Source or channel of the event |
| task | integer | Task value associated with the event |
| time | bigint | Timestamp the event was received |
Example
select * from windows_events where eventid=4104 and source='Security'Questions?
SOC2 Type 2
