11/10/2020, 7:21 AM
Hello, I have a question about osquery timed query and differential query. As shown in the figure below, I'm not sure why the 12:14 log was generated, because in my assumption, the 12:14 query did not differ from the 11:14 query in the last hour (here, the contents were "columns"). If there was no difference, then the 12:14 query should not exist, right?

Noah Talerman

11/10/2020, 6:53 PM
Hey! I don’t currently have a great answer for you but this is possibly a great question for the #general channel. There are many awesome osquery practitioners there.