Are system extensions queryable like kexts , I have not had a chance to dig deep into it but can’t see a table or relevant issue / pr on GitHub mainly due to the overloading of the name and currently on Linux

kexts are in the kernel_extensions table https://osquery.io/schema/4.4.0#kernel_extensions

To be clear this is system extensions being query able like the kext table enables not the actual looking up of kexts

@Gavin Sorry, I misunderstood. I don’t think there’s any built in table for querying those at the moment, but if the configuration is stored in a plist somewhere you could parse that using the plist table.

#goodfirst issue ?

It's possible to run

systemextensionsctl list

if you just need that info without osquery