-> % tail -f /var/log/osquery/osqueryd.INFO Log file created at: 2022/10/27 15:14:11 Running on machine: Brandons-MacBook-Pro-2.local Running duration (h:mm:ss): 0:00:00 Log line format: [IWEF]yyyymmdd hh:mm:ss.uuuuuu threadid file:line] msg I1027 15:14:11.117659 -267033344 eventfactory.cpp:156] Event publisher not enabled: endpointsecurity: EndpointSecurity client lacks user TCC permissions
• Applications using Endpoint Security extensions might lose Full Disk Access authorization, impacting their ability to function. This issue doesn’t affect MDM-enabled extensions. (100857507)
• Workaround: Removing and re-adding Full Disk Access in Settings for these extensions might resolve the issue.