# general
Hello all. I am trying to remotely diagnose a situation where osquery has scheduled queries but does not execute them ("executions = 0" in the osquery_schedule table). I see that all publishers and subscribers are in status "not active" on these machines ("active = 0" in the osquery_events table). The osquery version is 3.3.0. Earlier I found a wrong parameter, "schedule_timeout = 60"; after that I fixed it to the default value "schedule_timeout = 0" via Kolide Fleet, and that helps, but only after an osqueryd restart. Is there any way to recover osqueryd without a service restart? I have access to the osquery fleet via config_tls_endpoint only.
```
SELECT default_value,name,value FROM osquery_flags where value<>default_value

"host_hostname","default_value","name","value"
"hostX.domain.com","false","audit_allow_config","true"
"hostX.domain.com","false","audit_allow_sockets","true"
"hostX.domain.com","filesystem","config_plugin","tls"
"hostX.domain.com","0","config_refresh","60"
"hostX.domain.com","","config_tls_endpoint","/api/v1/osquery/config"
"hostX.domain.com","true","disable_audit","false"
"hostX.domain.com","true","disable_distributed","false"
"hostX.domain.com","60","distributed_interval","10"
"hostX.domain.com","","distributed_tls_read_endpoint","/api/v1/osquery/distributed/read"
"hostX.domain.com","","distributed_tls_write_endpoint","/api/v1/osquery/distributed/write"
"hostX.domain.com","","enroll_secret_path","/etc/osquery/enrollment_secret"
"hostX.domain.com","","enroll_tls_endpoint","/api/v1/osquery/enroll"
"hostX.domain.com","3600","events_expiry","1"
"hostX.domain.com","false","force","true"
"hostX.domain.com","0","logger_min_status","1"
"hostX.domain.com","filesystem","logger_plugin","syslog"
"hostX.domain.com","","logger_tls_endpoint","/api/v1/osquery/log"
"hostX.domain.com","4","logger_tls_period","60"
"hostX.domain.com","false","logtostderr","true"
"hostX.domain.com","_","pack_delimiter","/"
"hostX.domain.com","2","stderrthreshold","3"
"hostX.domain.com","","tls_hostname","kolidefleet.domain.com:8412"
"hostX.domain.com","/usr/share/osquery/certs/certs.pem","tls_server_certs","/etc/osquery/server.pem"
"hostX.domain.com","0","watchdog_memory_limit","350"
```