* note that query history list shows past 30 days
* revise query timeout note
* describe new saved queries available out of the box
* update images for UI changes in 8.3
* add osquery FAQ
* revise per team feedback
* simplify version check query
* add clarification about version updates
* describe how to enable the curl table
* fix link
* fix code block
* Apply suggestions from code review
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
* address pr feedback
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
* update image to latest
* clarify the saved queries section
* add one more clarification to saved queries section
* remove note about ECS mapping that no longer applies
* copy edit
* address review comments
* small copy edit
* add a link and info to help users find the log file location
* address review comment
* update usage section for changes to live queries, saved queries, packs, and ECS mapping
* add info about custom configuration, ECS mapping for date fields, custom tables, and other copy edits
* address pr comment, add info about static values for ecs mapping, make other minor copy edits
* add more info about the new k8s tables
* Apply suggestions from code review
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
* update per code review comments
* Update docs/osquery/osquery.asciidoc
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
* address review comments
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
