Am I correct to interpret that Launcher does not transmit th

Question

Am I correct to interpret that Launcher does not transmit the error message as part of distributed query results It looks like it uses this type <https github com osquery osquery go blob master plugin distributed distributed go L40 L48> which does not have the error message

terracatta · Answer

Yes that is correct

terracatta · Answer

Our product pulls all messages out of the status log and aligns them with the live queries across all devices

terracatta · Answer

Having them in the live query response would be great but we need to read the status log anyway for other reasons during the LQ processing so even if we added it it wouldn t change the code too much on our side

zwass · Answer

Got it Thank you

terracatta · Answer

yw zach If you plan on submitting a PR to improve it and want to discuss the particulars happy to do so

zwass · Answer

Kk will do I m not sure how much work it would be to expose it from there I ll file an issue to discuss if we decide to try to tackle it Thanks

seph · Answer

I ve been meaning to revisit that after the error message got added to osquery But it hasn t bubbled up Ideas welcome slightly smiling face