Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

<@UADSPRGKV> I see. Thanks.

If the output is very specific to my own system, should I write a logger-plugin? Does it require to add it to the source code and compile?

If you want to add bash command output,  I can only think of using logger-plugin. About compiling the logger-plugin, the answer is yes. 
However, if you let me know what kind of information you want to add and in which logs (status logs/result logs), then I can try to find solution

So currently I’m running query select `file_events` logs, which is basically to monitor FIM.

There is a customized script which produces a very useful indicator, and I’m wondering if the output can be appended to each FIM event log line.

I’m using rpm to make deployment. If it requires to compile the source code, it means I may need to change the deployment process to build from source.