osquery-defense-kit/incident_response/unified_log_macos.sql

8 lines
128 B
SQL

-- Retrieves recent entries from the macOS unified log
--
-- tags: postmortem
-- platform: darwin
SELECT
*
FROM
unified_log;