How to monitor file integrity on Linux using Osquery

The basic concept behind osquery is the “tabular abstraction” of many aspects of the operating system, such as processes and users. The data is presented as tables that can be queried using SQL syntax, either directly via the osqueryi shell or via the osqueryd daemon. In this tutorial we will see how to install the application, how to run basic queries, and how to use FIM (File Integrity Monitoring).
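To make the tabular abstraction concrete, here is an added example (not part of the original tutorial) that joins two tables from osquery's standard schema, `processes` and `users`, to list running processes whose executable is no longer present on disk, together with the owning account. The column aliases are chosen here for illustration.

```sql
-- Added illustration: processes and users are separate osquery tables,
-- joined on uid exactly like ordinary relational tables.
-- on_disk: 1 = executable exists at path, 0 = missing, -1 = unknown.
SELECT
  p.pid,
  p.name,
  p.path,
  u.username,                                        -- NULL if the uid has no local account
  datetime(p.start_time, 'unixepoch') AS started_utc -- start_time is a Unix epoch value
FROM processes AS p
LEFT JOIN users AS u ON u.uid = p.uid
WHERE p.on_disk = 0
ORDER BY p.start_time DESC;
```

The same statement can be typed at the osqueryi prompt or placed in a scheduled query for osqueryd; an empty result means every running process still has its binary on disk.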