Hi fleet team, i found recently after we cleaned up orbit and running osquery as system daemon service, but agent still has this in the dump log: Oct 14 220422 n121-038-121 osqueryd[563006]: I1014 220422.862608 563137 tls.cpp:255] TLS/HTTPS POST request to URI: https://XXXX.XXX.XXX/api/v1/osquery/distributed/read Oct 14 220422 n121-038-121 osqueryd[563006]: {"node_key":"RnxiqtnNMV2ukNQlWrNtcy8m5f0DfvBP"} Oct 14 220422 n121-038-121 osqueryd[563006]: { Oct 14 220422 n121-038-121 osqueryd[563006]: "queries": { Oct 14 220422 n121-038-121 osqueryd[563006]: "fleet_detail_query_orbit_info": "SELECT * FROM orbit_info" Oct 14 220422 n121-038-121 osqueryd[563006]: }, Oct 14 220422 n121-038-121 osqueryd[563006]: "discovery": { Oct 14 220422 n121-038-121 osqueryd[563006]: "fleet_detail_query_orbit_info": "SELECT 1 FROM osquery_registry WHERE active = true AND registry = 'table' AND name = 'orbit_info';" Oct 14 220422 n121-038-121 osqueryd[563006]: } Oct 14 220422 n121-038-121 osqueryd[563006]: } Oct 14 220422 n121-038-121 osqueryd[563006]: I1014 220422.874121 563137 distributed.cpp:131] Executing distributed query: fleet_detail_query_orbit_info: SELECT * FROM orbit_info Oct 14 220422 n121-038-121 osqueryd[563006]: E1014 220422.874183 563137 distributed.cpp:145] Error executing distributed query: fleet_detail_query_orbit_info: no such table: orbit_info Oct 14 220422 n121-038-121 osqueryd[563006]: I1014 220422.874310 563137 tls.cpp:255] TLS/HTTPS POST request to URI: https://XXXXapi/v1/osquery/distributed/write Oct 14 220422 n121-038-121 osqueryd[563006]: {"queries":{"fleet_detail_query_orbit_info":[]},"statuses":{"fleet_detail_query_orbit_info":1},"messages":{"fleet_detail_query_orbit_info":"no such table: orbit_info"},"node_key":"RnxiqtnNMV2ukNQlWrNtcy8m5f0DfvBP"} why the agent keeps got this from fleet? it is not supposed to happen if we remove orbit, right?

Hey, @wennan.he. This is a discovery query from Fleet, specifically checking to see if that

orbit_info

table is present.