Having an issue getting osquery to work as a service on Windows, works fine if I run it myself on the same machine, same config files, same invocation. When running as a service it doesn't report to our FleetDM server, when I run it manually it reports fine and you can query it fine from FleetDM.

any clues if you look at the 

System

 log in Windows EventViewer? Like filtering for "Service Control Manager."

@David J Davis I would also try deleting the Osquery DB and Osquery logs. I've had issues where Osquery doesn't have the proper permissions to access/modify these files and fails to load.

Not really, see a few that osquery stopped unexpectedly and a few other old ones, but those were probably when I was messing around with it, I just restarted it and don't see any errors from the Service Control Manager.

Yea, I've also heard of Windows being configured via group policy to disallow a user to spawn processes as services

I wasn't, I just tried running it from the command line with the --D option and it works, still no luck with it as a service even after a reinstall.

Not sure what to try next, but, https://github.com/osquery/osquery/blob/master/tools/manage-osqueryd.ps1 this Powershell script might let you test manually kicking off the service and uninstall/reinstall the service to see if something fixes it.

Thanks for the replies everyone, turns out it needed absolute paths for the secret and cert files when run as a service, and I made the mistake of putting them in "" marks when I fixed that, which caused another error. Finally pulled the quotes and everything was happy. Thanks again.