Hey folks, I'm trying to figure out how to query osquery via a Python script using the Thrift API, but I'm not very good at using computers: https://github.com/osquery/osquery-python#execute-queries-in-python The following example code:

import osquery

instance = osquery.SpawnInstance()
instance.open()

Raises the following exception as both the root user, and as a non-root user:

INFO:thrift.transport.TSocket:Could not connect to /tmp/pyosqsockpld1bi4b
Traceback (most recent call last):
  File "/usr/local/lib/python3.6/dist-packages/thrift/transport/TSocket.py", line 113, in open
    handle.connect(sockaddr)
ConnectionRefusedError: [Errno 111] Connection refused
ERROR:thrift.transport.TSocket:Could not connect to any of ['/tmp/pyosqsockpld1bi4b']

Here are my osquery flags:

root@ubuntu:/etc/osquery# cat osquery.flags
--audit_allow_config=true
--audit_allow_sockets
--audit_persist=true
--audit_allow_process_events=true
--disable_audit=false
--disable_events=false
--events_max=500000
--logger_min_status=1
--logger_plugin=filesystem
--watchdog_memory_limit=350
--watchdog_utilization_limit=130

I don't know very much about computers, or osquery, but this is a vanilla installation of osquery that was recently installed.