Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

*Question*:  `tls_server_ca.pem` is the server expecting the same key from all clients or different `tls_server_ca.pem` will be generated for every client? 

`osqueryd --verbose --ephemeral --disable_database \
    --tls_hostname localhost:8080 \
    --tls_server_certs ./tools/tests/test_server_ca.pem \`  This flag here... 
    `--config_plugin tls \
    --config_tls_endpoint /config \
    --logger_tls_endpoint /logger \
    --logger_plugin tls  \
    --enroll_tls_endpoint /enroll \
    --enroll_secret_path ./tools/tests/test_enroll_secret.txt`

Thanks, <@UF63BUA3A> <@U041WKWUATU> everyone

The server doesn't have to be the thing that terminates the TLS connection. But whatever does should accept whatever certs the nodes are using.

And by server, I meant the application that handles the osquery API.