Hey everyone, I have question not directly about osquery. I try to find origin of some suspicious traffic. In osquery, I see they are coming from

com.apple.WebKit.Networking.xpc

and parent process is

launchd

. So whatever making that request is using

webkit

Actually I am quite sure it is safari but are they anyway find out this kind situation's origin? In my opinion I need something like auditd but maybe I am missing something.