Skip to content

Osquery Docs cleanup #4207

New issue
New issue
Open
Open
Osquery Docs cleanup#4207
Labels
Team:ExperienceIssues owned by the Experience Docs Team
@bmorelli25

Description

@bmorelli25
bmorelli25
opened on Dec 3, 2025

Description

Kib reference

The existing kibana reference page is redundant with the official osquery docs.

  1. Remove the page.
  2. Add a redirect to the Osquery integration page.

Integration doc

The existing integration docs page needs to link to extra resources and change a heading name.

  1. Link from the Osquery integration docs to official field docs: https://osquery.io/schema/5.20.0/4
  2. Rename the “Documentation” section in the integration to “Investigate with Osquery”
  3. Link to the Osquery github tables

    There are Elastic osquery tables that exist but are not documented (i.e., host_groups) and we are planning to add more tables in 9.3 like Amcacheand Browser history. In future releases, we will add more tables.

Related

Issue description extracted from #4055 with thanks to @raqueltabuyo, @florent-leborgne, and @colleenmcginnis.

Stakeholders: @marc-gr @brian-mckinney

Serverless release

January 2026

Metadata

Metadata

Assignees

No one assigned

    Labels

    Team:ExperienceIssues owned by the Experience Docs Team

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions