Hi, what is reliable way to stop extension, the runner seem to stop dispatcher, event factory etc on calling shutdown() however, when we launch the extension continuously in a loop the agent complains of thrift error as start extension failed

Can you elaborate on this a little more? The eventing framework is not available to extensions osquery will only shutdown extensions when closing, is the intent here to close them in another way? If they are started by osquery (--extensions parameter) then it's better to let osquery manage them. If they are started manually, then a different shutdown logic can be implemented

@alessandrogario - It is started independently from agent and I see that there is a watcher.cpp in osquery agent that tries to remove UIUDs when it is not able to connect to extension. Looks like this whole process takes some 4-5 seconds depending on the wait period