RepoMirrors/osquery-defense-kit
1
0
Fork 0
mirror of https://github.com/chainguard-dev/osquery-defense-kit synced 2025-02-27 07:20:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #259 from tstromberg/fpr-may11

Browse Source 
Collect recent file events
This commit is contained in:
Thomas Strömberg 2023-05-12 16:37:29 -04:00 committed by GitHub
commit a05089b897
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
incident_response/file_events.sql
View File

@ -2,7 +2,7 @@
-- --
-- tags: postmortem -- tags: postmortem
-- platform: posix -- platform: posix
SELECT -- interval: 900
* SELECT *
FROM FROM file_events
file_events; WHERE time > (strftime('%s', 'now') -900)