Osquery Manager

The Osquery Manager is a centralized location for launching Osquery queries against endpoints with the Elastic Agent. Osquery is used to retrieve current information about devices reporting to Security Onion, such as currently running processes or OS version. Some default queries can be generated on this page.