hello, i want to ask, why i run query select * from process_events; , i recive Your live query returned no results. on os: ubuntu and centos,

by default events are disabled add

--disable_events=false

to your osquery flags to enable event tables