Use OSQuery to compare against baseline

Is there a way in OSQuery manager to compare results against a baseline?

My specific case is for incident response.

I want to compare a list of processes on a compromised machine to a list of processes from a baseline machine and show the differences.
