Hello all, Checking socket_events on Mac os observed that for ping osquery is not capturing any event. Table used-

socket_event

. config-

{

"schedule": {

"shh_network_events": {

"query": "SELECT * FROM socket_events;",

"interval": 10

}

}

}

flags -

--disable_audit=false

--audit_allow_config=true

--audit_allow_sockets=true

can anyone help me here confirming this observation is correct or not?