Overview
Live Discover allows you to check the devices that Sophos Central is managing, look for signs of a threat, or assess compliance.

New to Live Discover & Response queries? See Getting Started In Live Discover - From Beginner to Advanced Query Creation
Make sure to also check out Best Practices On Using Live Discover & Response Query Forum and Sophos EDR Threat Hunting Framework.

Note: For more information on Live Discover, please check out our Product Documentation.

Navigate to a category below to browse and submit a query

Browse Ideas in Category
  • Basic search to find Log4J running on hosts from the DataLake

    • Approved on
    • 30 Comments
    Basic search which lists processes that include log4j in the cmdline on Windows, Mac and Linux. The query returns a lot of results but works for an insight into what's running on the estate. SELECT meta_hostname AS ep_name, name, cmdline, path...
  • Identify vulnerable Log4j Apache components

    • Approved on
    • 28 Comments
    Note: This query is designed for Linux only. For a basic search which lists processes called Log4J on Windows, Mac and Linux, please view this query. This query helps customers identify vulnerable Log4J components in their environment. It shows Log4J...
  • Compliance query to report on uptime, last date of a Windows OS patch installation and any pending restart requests

    • Approved on
    • 0 Comments
    Hi there, we've combined the data from a few queries to present an all-in-one view of devices which need to be rebooted by returning the total uptime, the last time a Microsoft patch was installed, and if there are any pending restart requests. ...
  • Add context to the Sophos Endpoint Health Status report with XDR

    • Approved on
    • 1 Comment
    BIG thanks to RaviSoni for all the hard work on the detail in this query. You can use the query below to get more context on the health status of Windows machines via Endpoint Live Discover. e.g. which area is causing a bad health (Service or Threat...
  • Query who has modified an Active Directory object

    • Approved on
    • 4 Comments
    Hello, I am not sure if I am in the right place here. We need a query who changed an Active Directory object. E.g. who disabled or enabled a computer in AD. There are queries for user objects but I haven't found any for computer objects. Can...
  • Ability to view URLs (warn, block) using EDR

    • Approved on
    • 0 Comments
    This query will parse the Web Intelligence log files and display the URLs that users have visited or have attempted to visit, the category of the URL, the action taken, etc. This gives a rough idea of what users have visited on a specific date. Declare...
  • Add support for BypassIO in Windows storage filter driver

    • Under Review on
    • 0 Comments
    Hello, I hope I didn't miss a thread already discussing this topic. Starting with Windows 10 1909 we have the ability to use DirectStorage; besides hardware requirements, the software also needs to be capable of this. The storage filter driver of Sophos...