---
obj: application
website: https://www.osquery.io
repo: https://github.com/osquery/osquery
---

# osquery

[osquery](https://osquery.io/) is an open-source endpoint instrumentation framework. It exposes an operating system as a high-performance relational database, allowing you to write SQL queries to explore system state and activity in real-time. See [schema](https://osquery.io/schema/5.17.0/).

## Usage
Usage: `osqueryi [SQL]`

Example Statement: `SELECT name, path, pid FROM processes WHERE on_disk = 0;`