I have osquery installed with launcher where is the DB by de

Question

I have osquery installed with launcher where is the DB by default I d like to run osqueryi locally to debug some stuff

seph · Answer

This feels like a bit of a misnomer osquery is a bunch of virtual tables and sqlite Launcher adds some more virtual tables osqueryi is a CLI interface to osquery it s the same as invoking `osqueryd S` There is no database on disk to hit I do not think it s easy to connect osqueryi to the launcher distributed tables

Martin Lee · Answer

OK I think I misunderstood ```osqueryi uses an in memory database by default To connect to an existing events database use the flag database path= var osquery osquery db only one process may attach to the database see Checking the database sanity ``` from the docs