Live Query is Supported on:
- Windows Clients running Windows 7+, 64-bit devices only
- Windows Servers running Windows 2008 R2+, 64-bit devices only
- macOS 10.10+
- macOS Catalina
- Red Hat 6+
- Red Hat 7
- CentOS 7
- Ubuntu 16.04+
- SUSE 12+
- OpenSUSE 15 & 42
- Amazon Linux 2
Additional Live Query Support Information:
- For Windows & macOS, an upgrade to the 3.3 sensor (or later) is required
- Sensor version 3.4.0.820+ is required if using a proxy for endpoints
- For Linux, an upgrade to the 2.3 sensor (or later) is required
- Users with "Use Live Query" privileges enabled in their role can run queries and view results
- Users with "View Live Query" privileges enabled in their role can only view results
- Live Query is powered by Osquery an open source project written in SQL
