How to create a diagnostic agent using Gemini and osquery

Transcript

1. How to create a diagnostic agent using Gemini and osquery

   Daniela Petruzalek Developer Relations Engineer @ Google Cloud @danicat83

2. Who am I? Developer Relations Engineer at Google UK Originally

   from Brazil 󰎙, but living in the UK 󰏅 since 2019. My background is in backend and data engineering.

3. Agenda Motivation The technology Diagnostic agent in action

4. How will the engineering of the future look like?

5. https://www.tomshardware.com/tech-industry/artificial-intelligence/jensen-huang-advises-against-learning -to-code-leave-it-up-to-ai Published 25/Feb/2024 https://www.finalroundai.com/blog/sam-altman-says-world-wants-1000x-more-software Published 24/Jul/2025

6. Space: The Final Frontier… “Hello computer” “Computer, execute a level

   1 diagnostic procedure” “Computer, run a simulation” “Computer, create a routine”

7. What if we could do this today?

8. “Computer, run a level 1 diagnostic procedure” Engineer Agent Agent

   ??? Report

9. OSQuery osquery is a monitoring, instrumentation and analysis tool for

   operating systems using the SQL language Available for Linux, macOS and Windows

10. Agent Development Kit Agent Development Kit (ADK) is a framework

    for development and deployment of AI agents. While it is optimised for Gemini and Google products, ADK is model-agnostic and environment-agnostic https://google.github.io/adk-docs/

11. Agent Categories

12. Diagnostic Agent V1

13. Tool Definition

14. Testing the Agent Command line: adk run [agent] Dev-UI: adk

    web API server: adk api_server

15. Problems! osquery tables vary according to the host operating system

    Agent may produce “valid” but incorrect queries: SELECT * FROM process WHERE name = "malware" Hallucinations: models can generate fake information

16. Context Engineering The model’s response can be only as good

    as the context it holds Improvement points: - System prompt - Tools (!!!) - Information retrieval: - Web Search - Retrieval Augmented Generation (RAG)
17. None

18. V2: An Improved System Prompt

19. V3: Connect With the Outside World

20. V4: Schema Discovery Ideia: supply the list of tables and

    respective schemas using RAG Schemas: github.com/osquery/osquery/tree/master/specs Vertex AI RAG Engine: cloud.google.com/vertex-ai/generative-ai/docs/rag-engine/rag-overview

21. Bonus: It’s aliiiive! Gemini Live API (experimental): gemini-live-2.5-flash-preview-native-audio cloud.google.com/vertex-ai/generative-ai/docs/model-reference/multimodal-live

22. V5: Tidying it up Refactor with SequentialAgent Three separate agents:

    Query Planner -> Executor -> Analyser

23. What about the client?

24. github.com/sito-sikino/avatar-ui-core

25. Final Thoughts Developing agents can be challenging, but tools like

    ADK can ease some of the pain Developing clients as a backend engineer is still hard, but coding agents can help (e.g. Gemini CLI) Diagnosing a computer just with voice is not a reality yet, but it seems pretty close

26. Useful Resources Code: github.com/danicat/biznagafest ADK: google.github.io/adk-docs ADK samples: github.com/google/adk-samples Models:

    ai.google.dev/gemini-api/docs/models Osquery: www.osquery.io Vertex AI RAG: cloud.google.com/vertex-ai/generative-ai/docs/rag-engine/rag-quickstart

27. Thank you! danicat.dev linkedin.com/in/petruzalek @danicat83