Hi. What are the differences between the file_events and process_file_events table? For example, one table leverages inotify publisher while the latter table requires the Linux audit framework.

I see that the documentation on FIM is pretty out of date, it doesn't even mention process_file_events https://osquery.readthedocs.io/en/latest/deployment/file-integrity-monitoring/#file-integrity-monitoring-with-osquery