Hi All, Has anyone notice an issue with the Osquery

iptables

virtual table returning nothing ? I've dug into the source code and have a potential theory why this issues exists, but also wanted to reach out here incase anyone has seen this "gotcha" ?

Yes! Modern Linux moved away from iptables to nftables. Osquery uses the iptables proc entries. If this is your machine, you need to find the iptables compatibility thing and install it. There’s an osquery issue somewhere.