Hey Folks, Apologies for repeating my question, but its different purpose. How do you handle large deployment, specially with: • distributed query timing config • Interactive query results (huge for a browser to handle no paging & is it logged by default ) • how frequent agent connect to fleet specially in large deployment Appreciated

I also would like to know if anyone has managed to do this well... We have a large deployment but have run into issues where we've basically just decided that ad-hoc / distributed queries against large numbers of hosts are infeasible, and we work around it by scheduling packs to run the queries that we want to run. It's... unfortunate.