Are query packs a recommended way of scheduling queries I m

Question

Are query packs a recommended way of scheduling queries I m confused about the difference between Schedule configuration option and Pack configuration options

zwass · Answer

Yeah typically Query packs help provide a bit more organization and context and can also be loaded from separate files

grant seltzer · Answer

Interesting I assume packs came later on

grant seltzer · Answer

I mentioned in < C1XCLA5DZ|kolide> and < CBMR0L7SM|extensions> as well as below but would you expect pack query results to be logged in the same way as scheduled queries

zwass · Answer

Yes just with the pack name prepended to the query name

grant seltzer · Answer

Hm strange Maybe a bug that it s not working

grant seltzer · Answer

Thank you

grant seltzer · Answer

ah it was because it wasn t set to a snapshot

grant seltzer · Answer

slightly smiling face