Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

From <@U0114SH5AHK>
&gt; We are seeing this random issue on servers having 4.6 version installed being unresponsive after a while from fleet using live queries. 4.5.1 is working fine without any issues. I went on the server and did a restart of the agent and it started back up but then it went back to being non responsive again. Verbose TLS logging on agent side wont show anything since it was restarted.


Does this happen for any live query or is it a specfic query that causes it?

Can you try running osqueryd with `--verbose --tls_dump` and then triggering the issue?

Problem here is that when we do that it basically starts fresh and becomes responsive. I can try leaving it for a while and see if issue re-occurs.

Yeah the best thing to do would be to restart the agent with those flags and then run a live query to try to trigger the issue

```CentOS Linux release 7.9.2009 (Core)```

What is an example Live Query that causes osquery to hang?

Basically any query `SELECT * FROM osquery_info;` &amp; it starts back up after agent restart. I have enabled verbose logging right now and it's working for far. I will keep on monitoring.

I would like to release 4.6 to the repos. Any confidence that this only effects 4.6?

FWIW I'm unable to reproduce this with osquery 4.6.0 running in a centos 7.9 container. I've run a dozen or so live queries over the course of half an hour and seen no issues. <@U0114SH5AHK> have you been able to reproduce it with the verbose logging?