Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

When I see errors returned from the file_events table, is this indicating that the functionality is not working, or just printing an error but not breaking? Is there a way to silence the errors to just get the table results?
```# osqueryi "select * from file_events"
W1213 03:03:20.754773 2752245 inotify.cpp:87] Failed to do stat on: /etc/alternatives/nc-man```

I guess it’s just complete failure :thinking_face:
```# osqueryi "select * from file_events"
W1213 03:47:01.515762 2795194 inotify.cpp:87] Failed to do stat on: /etc/alternatives/nc-man
E1213 03:47:01.542893 2795197 eventfactory.cpp:256] Requested unknown/failed event publisher: udev
E1213 03:47:01.543259 2795196 eventfactory.cpp:256] Requested unknown/failed event publisher: inotify```

Actually I think it’s more that there were results, but they’re not in the table anymore :thinking_face:  Learning my way through this.