Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

We will roll up a fix for that. And while we are at it, and given you are a sysmon user as well, we observed that sysmon doesn't give events for mounted drives. How useful would you say it is, if any.

useful, especially in PCI environments or other regulated environments where the use of external media is heavily governed.

and I answered about removable media not mounted drives.  If osquery doesn't provide that natively it would be very useful.