https://github.com/osquery/osquery logo
Powered by
Title
n

Nand

05/05/2023, 11:40 AM
Still facing problem to activate the journal for NTFS network drive, Any lead will be appreciable?
j

Jason

05/05/2023, 12:42 PM
Did you enable the osquery flags ?
n

Nand

05/05/2023, 2:16 PM
Sorry, may be I missing any flag. Can you please guid
j

Jason

05/05/2023, 2:41 PM
Sure!
https://fleetdm.com/guides/osquery-evented-tables-overview
The FleetDM folks put that one together that explains how to turn on the features needed for the various "evented" tables in osquery
and the file monitoring table is one of those tables
n

Nand

05/06/2023, 10:54 AM
Hi Jason, Thanks for your prompt response. I'm new to osquery, will you please guide me How create journal for network drive of DeviceType 4?
4 Views
#generalJoin Slack
Powered by