Facebook Code Blog Open Source Events Videos Search Mobile Web Data Infra Culture October 29, 2014 Infra · Security · Open Source Mike Arpaia Maintaining real-time insight into the current state of your infrastructure is important. At Facebook, we've been working on a framework called osquery which attempts to approach the concept of low-level operating system monitoring a little differently. Osquery exposes an operating system as a high-performance relational database. This design allows you to write SQL-based queries efficiently and easily to explore operating systems. With osquery, SQL tables represent the current state of operating system attributes, such as: running processes loaded kernel modules open network connections SQL tables are implemented via an easily extendable API. Several tables already exist and more are being written. To best understand the expressiveness that is a...