good morning, I have a question and problem, I made a query to bring powershell events through the powershell_events table: I created a pack with this query select * from powershell events But when I did it started to get a flood of events and the traffic went up from 150MB to 1GB I realized after 5 min later .... When I realized I stopped the pack, even excludes it but still this event keeps coming is there anything to be done so that the hosts stop sending or just wait to normalize?

(answered in #general)