Hi, I do not find anything in Osquery schema tables to get Windows User Rights Assignment applied on computers https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment . This is helpful to get users with debug privs/load drivers/allow batch run, .... Did I miss something ? Thank you !

I’m not super familiar with that, but I do know that windows stores a lot of things in the registry. And that osquery has a table for reading data from the registry.

Unfortunately, User Rights are not part of registry but are in LSA DB and can be query with secedit /export. It is really helpful to assess security posture of the computer so I am a bit surprised there is not table for this.

I am a bit surprised there is not table for this

osquery is a volunteer effort. tables exist as individuals have decided to write them. (And as they fit with the overall goals and code standards)