Facebook gives away homebrewed OS monitoring tool

Osquery watches for operating system state changes that might indicate a security issue

Facebook has released an open-source tool for monitoring operating system state changes across very large infrastructures, which could help engineers quickly diagnose performance and security issues.

The tool, called Osquery, lets administrators run SQL-based queries against operating system characteristics stored in a high-performance database, collecting data such as running processes, loaded kernel modules and open network connections, wrote Mike Arpaia, a Facebook software engineer.

In a separate post, Arpaia described one component of Osquery, which is a low-footprint, distributed host daemon. An admin can schedule queries, and the daemon collects the results and creates logs showing OS state changes, which give an indication of the network's health.
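As an added illustration (not code from Osquery or from Facebook), the following Python example models the scheduled-query idea described above: the same SQL query runs against successive snapshots of host state, and only the rows that appear or disappear are logged. The snapshot data is constructed, and the table names, column names and the "added"/"removed" labels are assumptions made for this example.

```python
import sqlite3

# Constructed sample data: two snapshots of one host, taken one schedule
# interval apart. Table and column names are assumptions for this example.
SNAPSHOTS = [
    {"processes": [(1, "init", "/sbin/init"), (812, "sshd", "/usr/sbin/sshd")],
     "listening_ports": [(812, 22, "0.0.0.0")]},
    {"processes": [(1, "init", "/sbin/init"), (812, "sshd", "/usr/sbin/sshd"),
                   (4471, "nc", "/tmp/nc")],
     "listening_ports": [(812, 22, "0.0.0.0"), (4471, 4444, "0.0.0.0")]},
]

# The scheduled query: which process owns each listening socket.
QUERY = """
SELECT p.name, p.path, l.port, l.address
FROM listening_ports AS l JOIN processes AS p ON p.pid = l.pid
"""

def run_query(snapshot, sql=QUERY):
    """Load one snapshot into an in-memory database and return the result rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE processes (pid INTEGER, name TEXT, path TEXT)")
    db.execute("CREATE TABLE listening_ports (pid INTEGER, port INTEGER, address TEXT)")
    db.executemany("INSERT INTO processes VALUES (?, ?, ?)", snapshot["processes"])
    db.executemany("INSERT INTO listening_ports VALUES (?, ?, ?)",
                   snapshot["listening_ports"])
    rows = set(db.execute(sql).fetchall())
    db.close()
    return rows

def state_changes(snapshots, sql=QUERY):
    """Run the query per snapshot; log only rows that appeared or vanished."""
    log, previous = [], None
    for epoch, snapshot in enumerate(snapshots):
        current = run_query(snapshot, sql)
        if previous is not None:  # the first run only establishes the baseline
            log += [(epoch, "added", row) for row in sorted(current - previous)]
            log += [(epoch, "removed", row) for row in sorted(previous - current)]
        previous = current
    return log

if __name__ == "__main__":
    for entry in state_changes(SNAPSHOTS):
        print(entry)
```

Logging only the difference between runs keeps the output small on a quiet host and makes a new listener, such as the constructed `/tmp/nc` row here, stand out for review.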

Since Osquery will have a deep reach, Facebook wants to make sure its code doesn't have any bugs. It has made Osquery eligible for its bug hunting program, which pays a minimum of $2,500 for valid vulnerability submissions, Arpaia wrote.

Privilege escalation and remote code execution vulnerabilities are examples of the types of problems Facebook wants to find, he wrote.

Osquery is cross-platform and will work with a variety of operating systems such as Mac OS X, CentOS and Ubuntu.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk
