so for example, maybe i want to know about some set of data ASAP, but i only want that query to run once a week. normally i’d just set the interval to 604800, but then i would have to wait a week to get my initial set of results

clong: Don't think you can do that now. Unless you track when osquery was last active and use distributed read for running the queries immediately!

@Seshu @clong that's how I am handling this as well. Have a distributed_read set of queries that are sent to the endpoint right after enrollment.