this behaviour is not visible in version 3 2 6 in 3 2 6 `cos

Question

this behaviour is not visible in version 3 2 6 in 3 2 6 `cosine similarity` shows values in powershell events table

himanshu · Answer

kCharFreqVectorLen is now 256 in 3 2 6 it was 255 adding an entry in character frequency map in default osquery conf eliminated the issue thanks

theopolis · Answer

Can you create a GitHub issue for this and provide a recommendation on how we can improve Do we need to change the example config or add documentation somewhere

himanshu · Answer

sure