# general
a
I don't think that one can replace the other, they seem really different tools; if however you only care about forwarding existing text-based logs, then osquery may not be a good choice in your deployment
m
Yes but the problem is we end up with 5 different agents that we must maintain to do things. Do you not see how the omission of simple text file ingestion and then being like “just use another tool” is kinda lame? You quickly have to end up managing a fleet of 5 different tools just to do some simple things. And you can’t use fleet to manage that fleet lol.
a
I think there's a good explanation from seph in the link that you posted; you can also just create an extension in Python and that will integrate nicely with Fleet
It does not seem like you need osquery though if you are just forwarding logs
m
Cross-platform, and the ability to filter the event log with osquery, just cherry-picking specific events from the event log instead of forwarding everything on, and management with fleet. I don’t think it’s appropriate to say that ingesting a text log could be a privacy violation. Since when are company-managed devices privacy oriented anyway? Even a user's logon/logoff times could be deemed anti-privacy in that case. That is the most nonsensical thing I have ever seen; it’s up to the company to create their privacy policy and such, and inform their users about what is monitored.
a
osquery is a building block, you are encouraged to add your own features to it through the extension system; we have an SDK for every major language (the golang one is especially nice)
There are other additional reasons not to introduce that table, like preventing that feature from becoming a footgun that will just trigger the watchdog every time it is queried
Additionally, I think extensions are a good way to introduce functionality without adding to the maintenance burden in core
I think the real problem in this deployment is that it's hard to deploy additional files (such as an extension) and should be fixed asap