There is more than that You will not be able to view the eve

Question

There is more than that You will not be able to view the event tables and may not be able to run queries on a schedule

zwass · Answer

This is not correct You can get results from event based tables but the event producers are disabled by default If you want to test events with osqueryi you need to use `osqueryi disable events=false` Note that if both osqueryi and osqueryd are running with events turned on you may find weird behaviors

Anadi · Answer

Thanks I stand corrected