If you run the query like that with `osqueryi` it s going to

Question

If you run the query like that with `osqueryi` it s going to try to get the results immediately which means there will be no events

nebi · Answer

< zwass> so how should I query for