Can someone elaborate on what the `active` column indicates

Question

Can someone elaborate on what the `active` column indicates on `osquery events` It shows as `1` for `process events` on Linux hosts without process auditing enabled

clippy · Answer

clippy · Answer

```1 if the publisher or subscriber is active else 0```

sundsta · Answer

Yes but what does active mean in this context How is it active if it is not enabled via the config

sundsta · Answer

It is correctly returning zero events but I do not understand why it shows as active