theopolis06/20/2017, 10:11 PM
will enable the event publishers for the shell. A config could also turn them on,
will write the config JSON. Next, why are the events failing? Those are all
-based to some API that is privileged on the OS, so you could be running as a restricted user, or have cgroups limiting the binary's permissions?
cc08/31/2018, 9:09 PM
running on my centos7 server as well, which steals all the events need to be sent to osquery. After I disabled
, everything works properly. I know this is old, but still wanna leave a message here in case anybody else has the same issue.