Releases · RasterSec/fleetdm-osquery-defense-kit

FleetDM-compatible queries from osquery-defense-kit

Based on upstream commit: 1089334 (2025-08-13)

Query counts

Category	Count
Detection	163
Incident Response	101
Policy	5
Total	269

Usage

Download the YAML files and import to FleetDM:

fleetctl apply -f chainguard-all.yml

Or import individual categories:

fleetctl apply -f chainguard-detection.yml
fleetctl apply -f chainguard-incident-response.yml
fleetctl apply -f chainguard-policy.yml

Scheduled Queries

Use these files if you want scheduled intervals:

# Detection rules every 5 minutes
fleetctl apply -f chainguard-detection-5min.yml

# Incident response rules every 10 minutes
fleetctl apply -f chainguard-incident-response-10min.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

FleetDM-compatible queries from osquery-defense-kit

Query counts

Usage

Scheduled Queries

Uh oh!

Uh oh!

Releases: RasterSec/fleetdm-osquery-defense-kit

FleetDM Queries v20260210-1089334

FleetDM-compatible queries from osquery-defense-kit

Query counts

Usage

Scheduled Queries

Uh oh!