Hi everyone, we noticed that when running osquery ...
# macos
Hi everyone, we noticed that when running osquery using the daemon/launchctl, it takes much longer for our custom logger plugin to receive the first logs (~4x the `extension_timeout`), however when we run `osqueryd` manually from the command line it takes the `extension_timeout` period or less for the first logs to come in. Is this expected behavior, or any idea why this might be happening? Note that none of the status logs get dropped when running using launchctl.