Query your Linux operating system like a database

https://opensource.com/article/21/6/osquery-linux

Linux offers a lot of commands to help users gather information about their host operating system: listing files or directories to check attributes; querying to see what packages are installed, processes are running, and services start at boot; or learning about the system’s hardware.

Each command uses its own output format to list this information. You need to use tools like grep, sed, and awk to filter the results to find specific information. Also, a lot of this information changes frequently, leading to changes in the system’s state.

It would be helpful to view all of this information formatted like the output of a database SQL query. Imagine that you could query the output of the ps and rpm commands as if you were querying an SQL database table with similar names.

Fortunately, there is a tool that does just that and much more: Osquery is an open source “SQL powered operating system instrumentation, monitoring, and analytics framework.”

https://osquery.readthedocs.io/en/latest/
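To make the "ps and rpm as tables" idea concrete, here is an added example (not from the article) of the kind of query osquery runs in its interactive shell, osqueryi, on an RPM-based Linux host. It joins the `processes`, `listening_ports`, `users` and `rpm_package_files` tables to list network-listening processes whose executable is not owned by any installed RPM package, which is a quick way to surface software that arrived outside the package manager.

```sql
-- Added example (not from the article): osquery SQL for osqueryi on an
-- RPM-based host. Each table below is a built-in osquery table; no data is
-- stored anywhere, the rows are generated from live system state at query time.
SELECT
  p.pid,
  p.name,
  p.path,            -- executable on disk, used to look up the owning package
  u.username,        -- resolved from processes.uid via the users table
  lp.port,
  lp.protocol,       -- 6 = TCP, 17 = UDP
  p.on_disk          -- 0 means the binary was deleted after the process started
FROM processes AS p
JOIN listening_ports AS lp
  ON lp.pid = p.pid
LEFT JOIN users AS u
  ON u.uid = p.uid
LEFT JOIN rpm_package_files AS f
  ON f.path = p.path
WHERE lp.port != 0          -- skip unbound sockets
  AND f.package IS NULL     -- no RPM claims this executable
ORDER BY lp.port;
```

Run it as `osqueryi --json < query.sql` to get JSON output instead of the table view, which is easier to feed into other tooling than grep/sed/awk over ps and rpm output.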
