If I am using Fleet to send to a destination and it loses connectivity is there any sort of caching that goes on? I think perhaps it would stop removing results from the REDIS database - but I cannot find any information on how/when data is removed from there.

by "destination" do you mean a client which is enrolled in FleetDM?

No, I'm a Fleet noob, so may not have the right terminology but if I'm using a Plugin to send the data to a 3rd part i.e. Devo or Splunk what happens if it can't reach that plugins destination - or is that something defined in the plugin?

If Fleet can't send to the destination, it will return an error to osquery. This causes osquery to retry sending the logs. They're stored in osquery's internal buffer until they send successfully, or are expired after the

buffered_log_max

is exceeded.

Awesome, I appreciate you, to ask do you know if that behavior is documented anywhere?

Thanks again.