Channels
# apple-silicon
# arm-architecture
# auditing-warroom
# aws
# code-review
# community-feeds
# core
# darkbytes
# doorman
# ebpf
# eclecticiq-polylogyx-extension
# extensions
# file-carving
# fim
# fleet
# foundation
# fuzzing
# general
# golang
# goquery
# infrastructure
# kolide
# linux
# macos
# officehours
# osctrl
# plugins
# process-auditing
# querycon
# queryhub
# sql
# tls
# uptycs
# website
# windows
# zeek
# zercurity
Hello_There
1 year agogood morning, I have a question and problem, I made a query to bring powershell events through the powershell_events table: I created a pack with this query select * from powershell events But when I did it started to get a flood of events and the traffic went up from 150MB to 1GB I realized after 5 min later .... When I realized I stopped the pack, even excludes it but still this event keeps coming is there anything to be done so that the hosts stop sending or just wait to normalize?
zwass
1 year ago(answered in #general)
Join thread in Slack
View count: 1