🍺 BREW Explorer

← all casks

osquery

brew install --cask osquery v5.23.0

Query your Mac's system state and processes using SQL.

Why you might care

Osquery lets security teams and system administrators audit the operating system using SQL queries instead of command-line tools, making compliance checks and threat hunting programmatic and repeatable. It's widely used in enterprise security operations.

Categories

security monitoring system-utility

Alternatives

auditd Kolide Fleet
243
30-day installs · #797
787
90-day · #766
2.9k
365-day · #761

Links

Blurb generated by claude-haiku-4-5 on today.

Raw metadata 
{
  "alternatives": [
    "auditd",
    "Kolide Fleet"
  ],
  "artifacts": [
    {
      "uninstall": [
        {
          "launchctl": "com.facebook.osqueryd",
          "pkgutil": [
            "com.facebook.osquery",
            "io.osquery.agent"
          ]
        }
      ]
    },
    {
      "pkg": [
        "osquery-5.23.0.pkg"
      ]
    }
  ],
  "auto_updates": null,
  "categories": [
    "security",
    "monitoring",
    "system-utility"
  ],
  "deprecated": 0,
  "deprecation_reason": null,
  "desc": "SQL powered operating system instrumentation and analytics",
  "disable_reason": null,
  "disabled": 0,
  "display_name": "osquery",
  "enrichment_fetched_at": "2026-06-20T22:47:50+00:00",
  "first_seen": "2026-06-20T00:47:34+00:00",
  "full_token": "osquery",
  "github_default_branch": null,
  "github_last_commit_at": null,
  "github_readme_excerpt": null,
  "github_repo": null,
  "github_stars": null,
  "github_topics": [],
  "homepage": "https://osquery.io/",
  "homepage_og_description": null,
  "homepage_og_image": null,
  "homepage_title": "Osquery",
  "installs_30d": 243,
  "installs_365d": 2933,
  "installs_90d": 787,
  "last_seen": "2026-06-20T00:47:34+00:00",
  "llm_generated_at": "2026-06-20T23:05:35+00:00",
  "llm_model": "claude-haiku-4-5",
  "names": [
    "osquery"
  ],
  "one_liner": "Query your Mac\u0027s system state and processes using SQL.",
  "rank_30d": 797,
  "rank_365d": 761,
  "rank_90d": 766,
  "raw_hash": "064c11c42a37aeda",
  "ruby_source_path": "Casks/o/osquery.rb",
  "tap": "homebrew/cask",
  "token": "osquery",
  "version": "5.23.0",
  "why_use_this": "Osquery lets security teams and system administrators audit the operating system using SQL queries instead of command-line tools, making compliance checks and threat hunting programmatic and repeatable. It\u0027s widely used in enterprise security operations."
}