7.14.1. osquery() destination options
osquery() destination has the following options:
Description: Specifies a path to the file where log messages are stored, for example, for debug purposes.
Specifying this option is optional. However, when you start losing logs for some reason, then it is recommended to write outgoing log messages to a specified file, in the same format that messages are written to the pipe. You can also use a
template() function called
t_osquery, which re-formats messages so they comply with the text-based protocol that osquery accepts.