This repository was archived by the owner on Feb 21, 2021. It is now read-only.

34 lines (17 loc) · 704 Bytes

File Output

Real-Time KQL supports writing output to files. The output is treated as a stream and can be infinite.

Jump To:

JSON Output
CSV Output
[HTML Output](#HTML Output)

JSON Output

With a JSON output, each event is converted into a JSON dictionary.

Example usage - Monitoring the Security Windows log:

RealTimeKql winlog --log="Security" --outputjson="Security.json"

Example breakdown:

--log="Security" : monitor the Security log
--outputjson="Security.json" : output results to Security.json

CSV Output

Coming soon

HTML Output

Coming soon