windows_wsl_installed
SCHEMA
| atime | long | Last access time |
| ctime | long | Time of the change event |
| filename | string | Name of the file that has changed |
| mtime | long | time of the most recent registry write |
| path | string | Full path to the value |
| sha256 | string | SHA256 of the file now |
-- windows_wsl_installed INFO SELECT -- Device ID DETAILS meta_hostname, meta_ip_address, -- Query Details query_name, atime, ctime, filename, mtime, path, sha256, -- Decoration meta_boot_time, meta_eid, meta_endpoint_type, meta_ip_mask, meta_mac_address, meta_os_name, meta_os_platform, meta_os_type, meta_os_version, meta_public_ip, meta_query_pack_version, meta_username, --- Generic calendar_time, counter, epoch, host_identifier, numerics osquery_action, unix_time, -- Data Lake customer_id, endpoint_id, upload_size FROM xdr_data WHERE query_name = 'windows_wsl_installed'
