Channels
doorman
infrastructure
random
zercurity
community-feeds
fleet-dev
code-review
queryhub
apple-silicon
carving
tls
fim
goquery
zentral
aws
querycon
golang
zeek
file-carving
fuzzing
auditing-warroom
linen-dev
fleetosquery
plugins
jobs
arm-architecture
darkbytes
process-auditing
uptycs
android_tests
selfgroup
vendor-feeds
fleet
eclecticiq-polylogyx-extension
ebpf
website
core
general
macos
kolide
osctrl
extensions
foundation
sql
officehours
linux
windows
Title
m
marpaia
05/29/2018, 5:43 PMhttps://osquery.slack.com/archives/C1XCLA5DZ/p1527334843000014
there are likely no queries scheduled that are emitting results.
l
LogHoarder
05/30/2018, 10:55 AM@marpala is it just scheduled queries that provide output or do ad-hoc queries output there too? I’ve been trying to save a custom pack but the “Save Query Pack” button is unresponsive.
m
marpaia
05/30/2018, 5:15 PMall queries provide output, but scheduled queries log to the logger plugin (files or whatever) and ad-hoc queries return results to the distributed write endpoint (which shows up in the UI)
l
LogHoarder
06/07/2018, 12:17 PMThanks @marpala. That’s unfortunate but makes sense.
Now if I could only figure out why I can’t save packs 😉
m
marpaia
06/07/2018, 3:11 PMthere’s a few bugs with the 2.0.0-rc1 that i’m working on
so check those out if you haven’t yet
l
LogHoarder
06/08/2018, 12:55 PMThanks for your ongoing assistance. Really appreciate it.
m
marpaia
06/08/2018, 3:04 PMof course, my pleasure