is there a reason osquery logs

unixTime

and

severity

as a string in status logs but as an integer in result logs?

I would bet not. I’ve found a lot of our logging and schemas very half hazard. (There are also subtle weird differences between the distributed read interface, and the config.)