Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

this behaviour is not visible in version 3.2.6.
in 3.2.6, `cosine_similarity` shows values in powershell_events table

kCharFreqVectorLen is now 256.. in 3.2.6 it was 255. adding an entry in character frequency map in default osquery.conf eliminated the issue. thanks.

Can you create a GitHub issue for this and provide a recommendation on how we can improve? Do we need to change the example config or add documentation somewhere?