Hey, is there a way to query windows event log events with fleetDM? as far as I can see it is disabled by default, but I can't find any documentation on how to enable it.

yes there is, look at the osquery documentation for the right flags to enable it, then you can query from fleetDM (I am doing this)

You can also probably query https://osquery.io/schema/5.1.0/#windows_eventlog without any configuration.