Hi Team, I am trying to run a simple select query on windows_crashes table; on command prompt its giving output but I am running it from Servicenow and it gives me below error. Can anyone help here. FYI - all other tables are giving proper output. I0113 101629.751997 23860 init.cpp:357] osquery initialized [version=4.9.0] I0113 101629.755003 23860 extensions.cpp:453] Could not autoload extensions: Cannot open file for reading: \Program Files\osquery\extensions.load I0113 101629.755997 23860 init.cpp:568] An error occurred during extension manager startup: Extensions disabled I0113 101629.755997 23860 auto_constructed_tables.cpp:97] Removing stale ATC entries I0113 101630.894249 23860 sqlite_util.cpp:269] DBManager contention: opening transient SQLite database I0113 101630.911240 23860 sqlite_util.cpp:269] DBManager contention: opening transient SQLite database I0113 101630.962268 23860 dispatcher.cpp:149] Thread: 23860 requesting a stop I0113 101630.962268 23860 dispatcher.cpp:122] Thread: 23860 requesting a join I0113 101630.962268 23860 dispatcher.cpp:144] Services and threads have been cleared [ ]

If all other tables are behaving the same, then I don't see anything in the above output that would be related to the

windows_crashes

table specifically. It could be that when run one way, it is run as the Administrator, and when run another way, it doesn't have the same user permissions it needs.