# general
p
Hey, I am trying to audit the KILL syscall on Linux using my own audit rules instead of asking osquery to put rules into audit. When I have a filter for KILL in the audit config, no audit events show up at all in stdout when using `--audit_debug=true`, or in the osquery logs when querying for process events. The issue is detailed in the SO question below: https://stackoverflow.com/questions/61153490/osquery-not-auditing-kill-syscall-in-audit-rules