# macos
Hello, I used to have success pulling process_events in using a scheduled SELECT statement every 60 seconds with osqueryd. However, a few months later, I noticed it has stopped working and I can see in the warning logs `Expiring events for subscriber: process_events (overflowed limit 50000)`. I have added a flag for `--events_expiry=1` and rebooted but still no luck. I get no results when running `select * from process_events` in the `osqueryi` shell. Any advice/ideas please? My configuration is exactly as per the osquery documentation and was working fine a few months ago.