Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

Hi Everyone, has anybody encountered an issue where osquery fails to parse augeas files? I tried running the query below as a test and i get no results

```osquery&gt; SELECT label FROM augeas WHERE path = 'etc/sudoers';
osquery&gt;```
Current running versions:
OSquery: v5.4.0
Fleet: v4.17.1

Is that path correct? I imagine it should be `/etc/sudoers`, though I also don’t remember of augeas does funny things

<@U7QP20JQH> you are correct, i missed typed but i still get no results

Are you running as root? sudoers isn’t usually world readable.

Does `select * from augeas` preduce results?

Hi <@U7QP20JQH>, i was actually able to resolve this issue. Apparently as of version 4.5.1 of the osquery agents, i can no longer specify the location where my custom template goes. Augeas lenses is now bundled with newer osquery distribution and the default location for the .aug files are in `/opt/osquery/share/osquery/lenses` , so i just moved our custom template over to that dir and it started working

Ah yes. That’s true! Previously osquery used both the default augeas search path _and_ the osquery specific lenses. In 4.5.1 we dropped the augeas search path, so that site admins can restrict what osquery uses more directly.