Facebook has open sourced osquery, a framework that exposes an operating system as a high-performance relational database and allows developers to write SQL-based queries to explore operating systems, diagnose problems, troubleshoot performance issues, and so on.
“After talking with several external companies, it became clear to us that maintaining insight into the low-level behavior of operating systems is not a problem which is unique to Facebook,” security engineer and osquery team memeber Mike Arpaia noted.
“Over the past few months, we have released the osquery code and binaries to a small number of external companies. They have successfully deployed and tested osquery within their environments and they’ve given us great feedback.”
The company used osquery to create several products and tools, and is eager to see what the community will come up with now that is open source.
Osquery is cross platform – can be used on Ubuntu, CentOS and Mac OS X – and modular.
The code can be picked up here, and extensive documentation about how the framework can be used is provided here.
It’s also interesting to note that osquery is eligible for the company’s Whitehat bug bounty program – the minimum prize for a responsibly disclosed vulnerability will be $2,500. Facebook has even pointed bug hunters in the right direction.