Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

here's a great new table that allows you to directly query the Windows Event Log. <https://github.com/osquery/osquery/pull/6563>

Since we already have a `windows_events` table that collects events in real time, what should this on-demand table be called? Perhaps `windows_eventlog` or `windows_eventslog`? Other ideas or preference?

`windows_eventlog` sounds good to me. This is a great addition, thank you <@UN4CAHX1R> (I think?)

Thanks <@U0JFM04MS> for the suggestion. :slightly_smiling_face: