Has anyone ever thought about an extension that could make osquery work like an RMM so execute powershell scripts and stuff? Because it's halfway there with listing service status/running processes and such. Just do script execution and update management and now osquery is an RMM haha

I’m sure people have played with extensions to do any number of remote management things. I do not have a useful product point

Many individuals prefer the read-only nature of osquery and perceive it as a feature not a limitation. I think this results in a separation of the venn diagram overlap of folks wanting RMM capabilities who are interested in osquery.

If you give this a read it’s one use case https://blog.trailofbits.com/2018/05/30/manage-your-fleets-firewalls-with-osquery/

@fritz yea thats why I figured if done it would be an optional extension so core osquery could remain read only. But yea seems like a good opportunity to streamline, instead of needing all these different things, just osquery haha