As you probably know by now, osquery effectively turns your endpoints into SQL endpoints that you can query: SELECT * FROM processes, SELECT * FROM users, and so on.
But that data is much more useful when it's tied to the other telemetry data coming from your VMs, endpoints or Kubernetes clusters. This is typically the domain of APM tools.
Using OpenTelemetry (and specifically the OpenTelemetry collector) we can bring those two worlds together.
In this video I show you how that's done.
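To make the idea concrete, here is an added example (not taken from the video, and not osquery or OpenTelemetry project code) that turns osquery result-log lines into an OTLP/JSON logs payload of the kind a collector's OTLP HTTP receiver accepts on /v1/logs. It assumes osquery's event-format results log; the sample lines are constructed and the osquery.* attribute names are my own choice, while host.name is the resource attribute that lets a backend line these records up with other telemetry from the same host.

```python
import json

# Constructed sample lines in osquery's event-format results log (not real data).
SAMPLE_RESULTS = [
    '{"name":"pack_users","hostIdentifier":"web-01","unixTime":1704067200,"epoch":0,'
    '"counter":3,"columns":{"username":"deploy","uid":"1001"},"action":"added"}',
    '{"name":"pack_processes","hostIdentifier":"web-01","unixTime":1704067205,"epoch":0,'
    '"counter":7,"columns":{"pid":"4242","name":"nc"},"action":"removed"}',
    'truncated line that is not JSON',
]

def _attr(key, value):
    # OTLP/JSON encodes every attribute as a key plus a typed value.
    return {"key": key, "value": {"stringValue": str(value)}}

def to_log_record(result):
    """Map one osquery result row to an OTLP log record (attribute names are assumed)."""
    attrs = [_attr("osquery.query_name", result["name"]),
             _attr("osquery.action", result["action"])]
    attrs += [_attr(f"osquery.columns.{k}", v)
              for k, v in sorted(result["columns"].items())]
    return {
        # OTLP/JSON carries 64-bit integers as strings.
        "timeUnixNano": str(int(result["unixTime"]) * 1_000_000_000),
        "severityText": "INFO",
        "body": {"stringValue": f'{result["name"]} {result["action"]}'},
        "attributes": attrs,
    }

def build_otlp_payload(lines):
    """Group records per host; return (payload, number of unparseable lines)."""
    by_host, skipped = {}, 0
    for line in lines:
        try:
            result = json.loads(line)
            record = to_log_record(result)
            host = result["hostIdentifier"]
        except (ValueError, KeyError, TypeError, AttributeError):
            skipped += 1  # malformed or partial line: count it, do not crash
            continue
        by_host.setdefault(host, []).append(record)
    resource_logs = [{
        "resource": {"attributes": [_attr("host.name", host)]},
        "scopeLogs": [{"scope": {"name": "osquery"}, "logRecords": records}],
    } for host, records in sorted(by_host.items())]
    return {"resourceLogs": resource_logs}, skipped

if __name__ == "__main__":
    payload, skipped = build_otlp_payload(SAMPLE_RESULTS)
    print(json.dumps(payload, indent=2), f"\nskipped lines: {skipped}")
```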