I have installed ESP and added 5 workstations, after 12-15 hrs later 'select * from osquery_extensions' is showing only 2 workstation is running extension. 3 workstation do not have plgx extension running. however in running process list i can see plgx_win_extension is running and using 45 MB memory and 1-2% CPU.

hmm, this is strange..are you seeing the query results coming to the server from the tables that the extension creates?

nope, only osquery default tables result coming.

is this consistently reproducible? seems like something broke between osquery / extension communication..would you create an issue on github please? we will look into it..(by the way, any chance you created a query to the 'pipes' table?'

Yes , it is reproducible. no, I am not using any query for pipe table.

Thank you. It seems for some reasons osquery's connection to the extension is broken. We will try to reproduce it in our lab. FWIW, in the commercial version, we have a monitoring service that does a regular health check of the osquery+extension interactions..

is this issue resolved https://github.com/polylogyx/plgx-esp/issues/5 in latest checkin 4 days ago ?