Hello. anyone seeing osquery going crazy cpu with "osqueryd worker (pid) stopping: Maximum sustainaible utilization limit exceeded" and killed every 15sec or so? almost no other messages but a few hundred query results (network connections and process) vs 4k limit exceeded a day... trying to get more info on setup. Thanks

you need to figure out which query or queries are causing the load.

Thanks @packetzero would be nice but prod system that I can't even touch...

you are going to have to touch the config at some point. Look at "SELECT name, interval, executions, output_size, wall_time, (user_time/executions) as avg_user_time, (system_time/executions) as avg_system_time, average_memory, last_executed FROM osquery_schedule;"

clearly. added monitoring pack on my options. for now, trying to get system build-run book so I can minimize test iterations...