Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

I just built osquery from the source following <https://osquery.readthedocs.io/en/latest/development/building/#build-performance|this> guide. I want to deploy this to other macOS machines, but I'm rather overwhelmed by the number of files in the `build` directory that I'm seeing.

Is there a way to create a `.pkg` file from these build artifacts, or any other way to run this osquery binary on other machines?

Here are the files that I'm seeing under the `build` directory (tree level 2):


`./osquery/osqueryd` is your primary artifact. There is some packaging tooling but I haven't looked at that in a while.

The osqueryd binary is standalone and will run on other machines. If you want to build a pkg installer, that's a Cmake target.

<https://osquery.readthedocs.io/en/latest/development/building/#on-macos>

I see! It was essentially just a difference between `cmake --build .`  and `cmake --build . --target package` (not counting the env var setup). Thanks immensely!