Kolide Launcher for Osquery
streamline your osquery deployment
Built for Kolide
100% open source
Launcher is the result of hard-won experience building products and supporting organizations making long term investments in the osquery ecosystem. Osquery possesses an incredible range of features and utility but getting it up and running across your fleet can be a daunting task. That's why we built Kolide Launcher, an open-source project aimed to remove the hurdles of installing, updating and using osquery at scale.
Wait, what is osquery?
Key Osquery Improvements
Always Up to Date
Take advantage of emerging osquery capabilities faster with Kolide Launcher's auto-updater. Using The Update Framework (TUF) you can securely update osquery with ease.
Did we mention extra tables?
Osquery lets you to ask a lot of great questions, but what are the right questions? Kolide Launcher includes opinionated tables which aggregate useful information to solve real use-cases across your org.
osqueryi
- osquery> select * from kolide_mdm_info;
- enrolled = true
- server_url = https://mdm.kolide.com/mdm/connect
- checkin_url = https://mdm.kolide.com/mdm/checkin
- access_rights = 8191
- install_date = 2018-03-01 13:36:05 +0000
- payload_identifier = com.kolide.mdm
- topic = com.apple.mgmt.External.2eeec0a8-8bcd-44b7-afaa-b0f204bcd570
- sign_message = true
- identity_certificate_uuid = 8d8a3c8c-f31b-476f-a883-08788fbd196d
- has_scep_payload = true
MDM Info
Easily determine the MDM profiles associated with a Mac.
Reduced Config Surface
The osqueryd binary was designed to be very configurable, which allows it to be used in very different environments. The Launcher wraps osqueryd configuration and exposes very high-level options that allow you to easily connect osquery to a server that is compliant with the gRPC specification (such as Kolide Fleet).