I want to group hosts by osq version but even with a GROUP B

Question

I want to group hosts by osq version but even with a GROUP BY osquery always returns me one row per host

Zach Zeid · Answer

This might be better for < C0F2H1A1L|sql> but posting the query would help

seph · Answer

What are you querying osquery returns data for one host If you re trying to aggregate then you need some kind of intermediary storage

Esteban · Answer

Multiple hosts by Kolide i want to group by one value and merge rows

seph · Answer

What Kolide product And querying how

seph · Answer

I don t think Fleet Kolide s OSS offering has a data aggregation side Something like live query is sending the queries out and returning there There is no consolidated database of results You may however be interested in our SaaS offering

zwass · Answer

With Fleet you can use fleetctl to query from your shell and then use pipes to do something like `fleetctl query | jq select some part you are interested in | sort | uniq`