Hello,
Has anybody figured out a solution for thi...
# generals
Sal
09/16/2018, 11:59 PMHello,
Has anybody figured out a solution for this issue:
Also: https://github.com/facebook/osquery/issues/4729
and : https://github.com/facebook/osquery/issues/4854
My specs:
OS: Windows Server 2008
I'll also attach the C:\ProgramData\chocolatey\logs\chocolatey.log here
Thanks!
s
Shad0wSix
09/17/2018, 4:39 AM@Sal I'm running an instance of osquery 3.3.0 on Windows 7 x65 that's configured to check-in to Kolide Fleet. I've had this same exact issue to no avail for me. Instead I just create a PS script that calls the following command: Start-Process -WindowStyle Hidden -FilePath C:\ProgramData\osquery\osqueryd\osqueryd.exe --flagfile="C:\ProgramData\osquery\osquery.flags"
Shad0wSix
09/17/2018, 6:25 AMOn the 'Security' tab of the osqueryd directory to include the 'Advanced' option / 'Permissions' I gave SYSTEM 'Full Control' in each of those places and the osqueryd service starts correctly.
Caution: This is done in a home lab where I accept the risk and have control of level of exposure. I'm sure there's probably a safer more efficient way of handling this. I'm just unaware.
I tried the 'Set-SafePermissions' within the chocolatey / osquery / tools, but that didn't work out for me.
s
Sal
09/17/2018, 1:23 PMFirstly,
Thanks @Shad0wSix for the answer.I really appreciate it.
Secondly, I circumvented this problem like so:
If I use the msi installer here: https://pkg.osquery.io/windows/osquery-3.3.0.msi it works fine. I have the osqueryd running fine.
s
Shad0wSix
09/17/2018, 1:57 PM@Sal..anything I can do to help. Thanks for the posting the link and information. I will definitely use it for Windows 7 x64.
Learning is occurring, much appreciated, thank you. 😉
👍 1