• theopolis

    theopolis

    2 years ago
    Here's a great new table that allows you to directly query the Windows Event Log. https://github.com/osquery/osquery/pull/6563 Since we already have a windows_events table that collects events in real time, what should this on-demand table be called? Perhaps windows_eventlog or windows_eventslog? Other ideas or preference?
  • zwass

    zwass

    2 years ago
    windows_eventlog sounds good to me. This is a great addition, thank you @Akshay Kumar (I think?)
  • a

    Akshay Kumar

    2 years ago
    Thanks @zwass for the suggestion. 🙂
  • Magneto

    Magneto

    2 years ago
    +1 for "windows_eventlog"