From the reading I have done and from what I have seen osquery is powerful and I'm still a noob, I wondered if I could use it to say find all hosts in my environment that are located in just Washington. Is that possible?

You could probably improvise something like this with IP geolocation: Use the

curl

table to hit an API that provides geolocation information for the request IP. Of course you'll have to have osquery installed on the endpoints and a way to run the query and retrieve the results.

Sorta. I’m not sure if you can directly get location with osquery but you can get information that will help you get location elsewhere. You can IP address correlate, as Zach describes. On some platforms you can get enough wifi information to get location data.

Thank you both. You spawned an idea and I can take it from here!