Solutions
Device management
Remotely manage, and protect laptops and mobile devices.
Orchestration
Automate tasks across devices, from app installs to scripts.
Software management
Inventory, patch, and manage installed software.
Extend Fleet
Integrate your favorite tools with Fleet.
Customers
Stripe + Fleet
Stripe consolidates multiple tools with Fleet.
Foursquare + Fleet
Foursquare quickly migrates to Fleet for device management.
What people are saying
Stories from the Fleet community.
Pricing
More
Tables
Fleet uses osquery tables to query operating system, hardware, and software data. Each table provides specific data for analysis and filtering.
Apple
Linux
Windows
ChromeOS
windows_search
windows_search
Run searches against the Windows system index database using Advanced Query Syntax. See https://learn.microsoft.com/en-us/windows/win32/search/-search-3x-advancedquerysyntax for details.
| Column | Type | Description |
|---|---|---|
| additional_properties | text | Comma separated list of columns to include in properties JSON Not returned in SELECT * FROM windows_search. |
| date_created | integer | The unix timestamp of when the item was created. |
| date_modified | integer | The unix timestamp of when the item was last modified |
| max_results | integer | Maximum number of results returned by windows api, set to -1 for unlimited Not returned in SELECT * FROM windows_search. |
| name | text | The name of the item |
| owner | text | The owner of the item |
| path | text | The full path of the item. |
| properties | text | Additional property values JSON |
| query | text | Windows search query Not returned in SELECT * FROM windows_search. |
| size | bigint | The item size in bytes. |
| sort | text | Sort for windows api Not returned in SELECT * FROM windows_search. |
| type | text | The item type |
Example
select *, datetime(date_created, 'unixepoch') as datetime from windows_search WHERE query = 'folder:documents' AND datetime BETWEEN '2022-11-18 16:40:00' AND '2023-11-18 16:50:00'Questions?
SOC2 Type 2
