Also does the watchdog only keeps the service in check as fa

Question

Also does the watchdog only keeps the service in check as far as CPU and RAM or is it also supposed to reinitialize it when the process is down

packetzero · Answer

watchdog run in separate process So if CPU and RAM of the child process are over limit for 12 seconds or so watchdog will kill the child process So yes the resource usage goes away but so does the process Watchdog will restart another child process Usually if the child process was executing a query when killed that query gets blacklisted for 24 hours and the logging does not make that clear

AoS · Answer

In a case where the process was terminated not by the watchdog will it restart a new child process

AoS · Answer

and is there a way to know if an osqueryd process is the watchdog or process itself

packetzero · Answer

which is watchdog the parent process You can also look at memory usage usually less for watchdog Will it restart the child yes

AoS · Answer

Great thanks