windows_powershell_script_blocks SCHEMA script_block_count int The total number of script blocks for this script script_block_id string The unique GUID of the powershell script to which this block belongs script_name string...

Scheduled queries with the Threat prefix are identification of potential threats that may warrant investigation. This identifies hidden users on OSX SCHEMA shell string User's configured default shell uid long The local user...

vulnerability_safer_flags_not_enforcing SCHEMA analysis string JSON object representing the analysis data string Data content of registry value key string Name of the key mtime long time of the most recent registry...

Not sure what this is detecting have to check with the Sophos Managed Threat Response Team on it. SCHEMA analysis string JSON object representing the analysis data string Data content of registry value key string Name...

windows_updates_patch SCHEMA caption string Short description of the patch description string Plugin description text hotfix_id string The kb article ID for the update installed_by string The system context...

Certificate padding vulnerability SCHEMA analysis string JSON object representing the analysis data string Data content of registry value key string Name of the key mtime long time of the most recent registry...

listening_ports lists processes with listening ports SCHEMA address string IPv4 address target name string Name of the process path string Full path to the process pid long Process (or thread) ID port...

Please i need the query for Show the % free disk space on DATA LAKE. Its possible???? Thanks

RPM package info SCHEMA arch string Architecture(s) supported name string Name of the registry value entry release string Package release source string ` version string Plugin short version ...

osx updates and patches. MAC OS. Not in the EAP but coming soon SCHEMA content_type string Package content_type (optional) name string Name of the registry value entry package_id string Label packageIdentifiers ...