Has anyone got the example distributed plugin from github.com/kolide/osquery-go working? I expected this to work:

go build -o distributed_plugin <http://github.com/kolide/osquery-go/examples/distributed|github.com/kolide/osquery-go/examples/distributed>

osqueryi --extension distributed_plugin --distributed_plugin=example_distributed --distributed_interval=10 --disable_distributed=false

But the generateQueries method never gets called by OSQuery. The plugin is definitely working as I can see the regular heartbeat requests and I can call it manually using

go run <http://github.com/kolide/osquery-go/examples/call|github.com/kolide/osquery-go/examples/call> <socket> distributed example_distributed getQueries

but no luck getting OSQuery to call it

I don't know those examples, but https://github.com/kolide/launcher/tree/master/cmd/launcher.ext is a fairly complex, working plugin. (It pulls in a bunch of tables from the launcher repo)

Aaah, the problem is that

osqueryi

doesn't start the distributed query runner. That's only started when running as

osqueryd

Makes sense I guess (though confusing that

osqueryi

will still shout at you if you specify a non-existent distributed plugin)