Osquery supports an almost unlimited number of scenarios and use cases by combining its supported data schemas with standard capabilities (for example, triggering HTTP requests via curl and retrieving the results). For that reason, the solution is designed to pass through any custom configuration and upload its results to the provisioned data structures. Those cases might need a bespoke parsing process (with a customer-specific synthesis table).

Agent monitoring

Osquery exposes statistics and event lists describing its own status, such as scheduled query information, Osquery events, running extensions, the loaded configuration, and so on. The EA gathers this information and saves it in Devo.
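
The self-status data described above is available from osquery's built-in `osquery_*` tables, which can be inspected directly in `osqueryi`. The queries below are an added example, not part of this documentation or the EA's own configuration; which queries the EA actually runs is not stated here, and the staleness threshold of three missed intervals is an assumption.

```sql
-- Added example: run in osqueryi on a monitored endpoint.
-- These are osquery's own status tables; the selection of columns and
-- the thresholds are illustrative assumptions, not the EA's queries.

-- 1. Configuration loaded: is the running config valid, and did its hash change?
SELECT pid, version, config_hash, config_valid, extensions, start_time
FROM osquery_info;

-- 2. Scheduled queries info: most expensive queries first.
SELECT name, interval, executions, last_executed, wall_time, output_size
FROM osquery_schedule
ORDER BY wall_time DESC;

-- 3. Scheduled queries that have silently stopped running.
--    A query is treated as stale when it has run at least once but its
--    last execution is older than three of its own intervals (assumed threshold).
SELECT name,
       interval,
       last_executed,
       CAST(strftime('%s', 'now') AS INTEGER) - last_executed AS seconds_since_run
FROM osquery_schedule
WHERE executions > 0
  AND CAST(strftime('%s', 'now') AS INTEGER) - last_executed > 3 * interval;

-- 4. Osquery events: subscribers that are registered but not active,
--    which means the event-based tables behind them are not collecting.
SELECT name, publisher, type, subscriptions, events, active
FROM osquery_events
WHERE type = 'subscriber'
  AND active = 0;

-- 5. Extensions running: anything other than the core should be expected.
SELECT uuid, name, version, sdk_version, path, type
FROM osquery_extensions;
```

A change in `config_hash`, a row from query 3, or an unexpected entry from query 5 is worth an alert, since each one means the endpoint is no longer collecting what the deployed configuration says it should.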