Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

What are the contents of /etc/osquery/osquery-local.conf?

```root@hq-o:/etc/osquery# cat osquery-local.conf
{
  "schedule": {
    "process_events": {
      "query": "SELECT * FROM process_events;",
      "interval": 10,
      "snapshot" : false
    }
  },

  "decorators": {
    "load": [
      "SELECT uuid AS host_uuid FROM system_info;",
      "SELECT user AS username FROM logged_in_users ORDER BY time DESC LIMIT 1;"
    ]
  }
}```

It looks to me like Fleet is sending down a correct config, so I suspect this might be a bug in osquery. A couple things to check:
1) Does osquery with a local config work when you specify `--logger_plugin='syslog,filesystem'`
2) Does osquery with the Fleet config work if you set `logger_plugin` to just `syslog`?