Still facing problem to activate the journal for N...
# generaln
Nand
05/05/2023, 11:40 AMStill facing problem to activate the journal for NTFS network drive, Any lead will be appreciable?
j
Jason
05/05/2023, 12:42 PMDid you enable the osquery flags ?
n
Nand
05/05/2023, 2:16 PMSorry, may be I missing any flag. Can you please guid
j
Jason
05/05/2023, 2:41 PMSure!
Jason
05/05/2023, 2:41 PMJason
05/05/2023, 2:41 PMThe FleetDM folks put that one together that explains how to turn on the features needed for the various "evented" tables in osquery
Jason
05/05/2023, 2:42 PMand the file monitoring table is one of those tables
n
Nand
05/06/2023, 10:54 AMHi Jason, Thanks for your prompt response. I'm new to osquery, will you please guide me How create journal for network drive of DeviceType 4?
4 Views