binu
02/13/2019, 12:25 PMmanu
02/14/2019, 6:53 AMtable_name("powershell_events")
description("Powershell script blocks reconstructed to their full script content, this table requires script block logging to be enabled.")
https://www.fireeye.com/blog/threat-research/2016/02/greater_visibilityt.html
once u enable these, u should be able to see these in your table output.