With osquery endpoint query tool, you can easily ask questions about your Linux and OSX infrastructure. Whether your goal is intrusion detection, infrastructure reliability, or compliance, osquery gives you the ability to empower and inform a broad set of organizations within your company. Queries in the incident-response pack help you detect and respond to breaches. OSquery exposes a SQL like interface. More details on osquery can be found here.
OSQuery – Endpoint Query Tool