diff --git a/docs/cli/README.md b/docs/cli/README.md index 73c189d5c7..b0eeea18b1 100644 --- a/docs/cli/README.md +++ b/docs/cli/README.md @@ -97,7 +97,6 @@ All of these files can be concatenated together into [one file](../../examples/c ``` |-- config.yml -|-- decorators.yml |-- labels.yml |-- packs | `-- osquery-monitoring.yml @@ -119,6 +118,14 @@ spec: logger_plugin: tls logger_tls_endpoint: /api/v1/osquery/log logger_tls_period: 10 + decorators: + load: + - "SELECT version FROM osquery_info" + - "SELECT uuid AS host_uuid FROM system_info" + always: + - "SELECT user AS username FROM logged_in_users WHERE user <> '' ORDER BY time LIMIT 1" + interval: + 3600: "SELECT total_seconds AS uptime FROM uptime" overrides: # Note configs in overrides take precedence over the default config defined # under the config key above. With this config file, the base config would @@ -140,6 +147,7 @@ spec: - /Users/%/Documents/%% etc: - /etc/%% + linux: options: distributed_interval: 10 @@ -162,25 +170,12 @@ spec: - /home/not_to_monitor/.ssh/%% tmp: - /tmp/too_many_events/ -``` - -### Osquery Logging Decorators - -The following file describes logging decorators that should be applied on osquery instances. A decorator should reference an osquery query by name. Both of these resources can be included in the same file as such: - -```yaml -apiVersion: k8s.kolide.com/v1alpha1 -kind: OsqueryDecorator -spec: - query: hostname - type: interval - interval: 10 ---- -apiVersion: k8s.kolide.com/v1/alpha1 -kind: OsqueryQuery -spec: - name: hostname - query: select hostname from system_info; + decorators: + load: + - "SELECT * FROM cpuid" + - "SELECT * FROM docker_info" + interval: + 3600: "SELECT total_seconds AS uptime FROM uptime" ``` ### Host Labels diff --git a/examples/config-many-files/config.yml b/examples/config-many-files/config.yml index 752e960fe2..4dd1feae07 100644 --- a/examples/config-many-files/config.yml +++ b/examples/config-many-files/config.yml 
@@ -9,6 +9,14 @@ spec: logger_plugin: tls logger_tls_endpoint: /api/v1/osquery/log logger_tls_period: 10 + decorators: + load: + - "SELECT version FROM osquery_info" + - "SELECT uuid AS host_uuid FROM system_info" + always: + - "SELECT user AS username FROM logged_in_users WHERE user <> '' ORDER BY time LIMIT 1" + interval: + 3600: "SELECT total_seconds AS uptime FROM uptime" overrides: # Note configs in overrides take precedence over the default config defined # under the config key above. With this config file, the base config would @@ -52,3 +60,9 @@ spec: - /home/not_to_monitor/.ssh/%% tmp: - /tmp/too_many_events/ + decorators: + load: + - "SELECT * FROM cpuid" + - "SELECT * FROM docker_info" + interval: + 3600: "SELECT total_seconds AS uptime FROM uptime" diff --git a/examples/config-many-files/decorators.yml b/examples/config-many-files/decorators.yml deleted file mode 100644 index f3b7d89522..0000000000 --- a/examples/config-many-files/decorators.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -apiVersion: k8s.kolide.com/v1alpha1 -kind: OsqueryDecorator -spec: - query: hostname - type: interval - interval: 10 ---- -apiVersion: k8s.kolide.com/v1alpha1 -kind: OsqueryDecorator -spec: - query: uuid - type: load ---- -apiVersion: k8s.kolide.com/v1alpha -kind: OsqueryDecorator - query: instance_id - type: load diff --git a/examples/config-single-file.yml b/examples/config-single-file.yml index 451d6b0f96..59f1839589 100644 --- a/examples/config-single-file.yml +++ b/examples/config-single-file.yml 
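Review bot: The `interval:` entry at the end of the first hunk maps `3600:` to a single string, whereas osquery's own decorators example, which these queries appear to be copied from, keys `interval` by a string and maps it to a list of queries; unless Fleet normalizes this before passing the config to osquery, the example should read `interval:` / `"3600":` / `- "SELECT total_seconds AS uptime FROM uptime"`. Quoting the key is worth doing regardless: unquoted `3600` is parsed as an integer key, and how a YAML loader carries a non-string key into the JSON handed to osquery depends on the library used. The `always` decorator is also the one that attaches a username to every result line, so a short comment such as `# always: evaluated for every log line emitted` would help readers see what they are opting into. The same `3600:` shape appears in the `linux` override later in this file, in both hunks of examples/config-single-file.yml, and in the docs/cli/README.md example.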
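Review bot: The `decorators` block added under the `linux` override in the second hunk is a whole-mapping key, and the existing comment only says overrides "take precedence", so a reader cannot tell whether the base `load` and `always` decorators still apply to Linux hosts or are replaced by the `load` and `interval` entries given here; the base `always` username decorator is presumably what operators depend on for attribution, so the difference matters. A one-line comment above the override stating whichever behaviour the loader actually implements, e.g. `# override keys replace the whole base value for that key` or `# override keys are merged with the base value`, would settle it; I would confirm against the config loader before writing it. The same override block is added in the second hunk of examples/config-single-file.yml.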
@@ -9,6 +9,14 @@ spec: logger_plugin: tls logger_tls_endpoint: /api/v1/osquery/log logger_tls_period: 10 + decorators: + load: + - "SELECT version FROM osquery_info" + - "SELECT uuid AS host_uuid FROM system_info" + always: + - "SELECT user AS username FROM logged_in_users WHERE user <> '' ORDER BY time LIMIT 1" + interval: + 3600: "SELECT total_seconds AS uptime FROM uptime" overrides: # Note configs in overrides take precedence over the default config defined # under the config key above. With this config file, the base config would @@ -52,24 +60,12 @@ spec: - /home/not_to_monitor/.ssh/%% tmp: - /tmp/too_many_events/ ---- -apiVersion: k8s.kolide.com/v1alpha1 -kind: OsqueryDecorator -spec: - query: hostname - type: interval - interval: 10 ---- -apiVersion: k8s.kolide.com/v1alpha1 -kind: OsqueryDecorator -spec: - query: uuid - type: load ---- -apiVersion: k8s.kolide.com/v1alpha -kind: OsqueryDecorator - query: instance_id - type: load + decorators: + load: + - "SELECT * FROM cpuid" + - "SELECT * FROM docker_info" + interval: + 3600: "SELECT total_seconds AS uptime FROM uptime" --- apiVersion: k8s.kolide.com/v1alpha1 kind: OsqueryLabel