Channels
doorman
infrastructure
random
zercurity
community-feeds
fleet-dev
code-review
queryhub
apple-silicon
carving
tls
fim
goquery
zentral
aws
querycon
golang
zeek
file-carving
fuzzing
auditing-warroom
linen-dev
fleetosquery
plugins
jobs
arm-architecture
darkbytes
process-auditing
uptycs
android_tests
selfgroup
vendor-feeds
fleet
eclecticiq-polylogyx-extension
ebpf
website
core
general
macos
kolide
osctrl
extensions
foundation
sql
officehours
linux
windows
Title
t
thor
03/15/2018, 8:57 PM@jackjack this:```C:\Users\thor
λ osqueryi.exe --config_path=\.osquery.conf --nodisable_events=true --allow_unsafe=true --disable_extensions=true --verbose
I0315 13:56:53.904193 15064 init.cpp:368] osquery initialized [version=2.11.0-8-ga6227dee]
I0315 13:56:53.906090 15064 init.cpp:597] Cannot start extension manager: Extensions disabled
I0315 13:56:53.908064 15064 init.cpp:633] Error reading config: config file does not exist: \.osquery.conf
I0315 13:56:53.910081 15040 events.cpp:746] Starting event publisher run loop: windows_event_log
Using a virtual database. Need help, type '.help'
osquery> select * from windows_events where source='Security' limit 1;```
k
Kemal
03/16/2018, 7:02 AM@thor is the flag --disable_events changed to nodisable_events?
t
thor
03/16/2018, 2:12 PMThey’re both there, if you’re lazy and do t want to set a true/false you can use nodisable ;)
k
Kemal
03/16/2018, 2:13 PM🙂