Solutions
Device management
Remotely manage, and protect laptops and mobile devices.
Orchestration
Automate tasks across devices, from app installs to scripts.
Software management
Inventory, patch, and manage installed software.
Infrastructure as code
See every change, undo any error, repeat every success.
Extend Fleet
Integrate your favorite tools with Fleet.
Customers
Pricing
More
Device management
Remotely manage, and protect laptops and mobile devices.
Orchestration
Automate tasks across devices, from app installs to scripts.
Software management
Inventory, patch, and manage installed software.
Infrastructure as code
See every change, undo any error, repeat every success.
Extend Fleet
Integrate your favorite tools with Fleet.
Tables
Fleet uses osquery tables to query operating system, hardware, and software data. Each table provides specific data for analysis and filtering.
Apple
Linux
Windows
ChromeOS
yara_events
yara_events EVENTED TABLE
Track YARA matches for files specified in configuration data.
| Column | Type | Description |
|---|---|---|
| action | text | Change action (UPDATE, REMOVE, etc) |
| category | text | The category of the file |
| count | integer | Number of YARA matches.
Note that count is a reserved word and should be wrapped in quotes when referencing this column in a query. |
| eid | text | Event ID Not returned in SELECT * FROM yara_events. |
| matches | text | List of YARA matches |
| strings | text | Matching strings |
| tags | text | Matching tags |
| target_path | text | The path scanned |
| time | bigint | Time of the scan |
| transaction_id | bigint | ID used during bulk update Not returned in SELECT * FROM yara_events.Only available on macOS |
Questions?
SOC2 Type 2
