Query reports: How to start collecting results again (#35716)

Context: https://fleetdm.slack.com/archives/C019WG4GH0A/p1763056269172289?thread_ts=1762986256.339339&cid=C019WG4GH0A
2026-05-24 09:28:54 +00:00 · 2025-11-14 10:42:32 -05:00 · 2025-11-14 10:42:32 -05:00 · e919ab53b0
commit e919ab53b0
parent beac51499e
1 changed files with 4 additions and 2 deletions
--- a/articles/queries.md
+++ b/articles/queries.md
@ -48,9 +48,11 @@ How to view a query report:

 3. If you want to download the query report, select **Export results** to save it as a CSV.

-Fleet will store up to 1000 results for each scheduled query to give users a snapshot of query results. If the number of results for a scheduled query is below 1000, then the results will continuously get updated every time the hosts send results to Fleet.
+Fleet stores up to 1,000 results per query. If the count stays below this limit, Fleet updates the report each time hosts send new data.

-> You can tell Fleet to store more than 1000 results in query reports by setting [`server_settings.query_report_cap`](https://fleetdm.com/docs/rest-api/rest-api#server-settings) via [the Modify configuration API endpoint](https://fleetdm.com/docs/rest-api/rest-api#modify-configuration).
+If the results exceed 1,000, Fleet stops updating the report. To start collecting data again, clear the stored results from the query’s page. Go to **Advanced options**, check **Discard data**, and select **Save**. Then uncheck **Discard data** and select **Save** again.
+
+> You can change the 1,000-result limit by setting [`server_settings.query_report_cap`](https://fleetdm.com/docs/rest-api/rest-api#server-settings) via [the Modify configuration API endpoint](https://fleetdm.com/docs/rest-api/rest-api#modify-configuration).

 Persisting query reports within Fleet creates load on the database, so you'll want to monitor database load as you add queries. If needed, you can disable query reports either globally or per-query.