#fleet
Willi

04/26/2021, 4:08 PM
Hi, I encountered the following issue: If a large query can't be processed in time, the agent resources are not cleaned up properly and no further queries are processed. The issue can also be replicated by using the "stop" button on the fleet-query-ui. I would be very glad about any suggestions.
zwass

04/26/2021, 5:56 PM
Can you provide more details on which resources are not cleaned up properly and how to reproduce this using the stop button?
Willi

04/27/2021, 7:25 AM
I installed osquery version 4.7.0 on a Windows 10 virtual machine (3600MB maximum storage and dynamic storage enabled) and verified the installation with the default query. Then I did the heavy load test with:
SELECT * FROM windows_eventlog where channel='Security'
If I wait 15 min or press stop after the osquery process ("launcher" and "osquery daemon and shell") reaches top loads (about 1 GB RAM) in the Task Manager, the CPU usage slowly goes down to about 0%, but the RAM is still in use and does not get any lower. Also, retrying the default query now results in a timeout after 15 min.