Brandon Mesa10/27/2022, 7:40 PM
-> % tail -f /var/log/osquery/osqueryd.INFO Log file created at: 2022/10/27 15:14:11 Running on machine: Brandons-MacBook-Pro-2.local Running duration (h:mm:ss): 0:00:00 Log line format: [IWEF]yyyymmdd hh:mm:ss.uuuuuu threadid file:line] msg I1027 15:14:11.117659 -267033344 eventfactory.cpp:156] Event publisher not enabled: endpointsecurity: EndpointSecurity client lacks user TCC permissions
sharvil10/27/2022, 7:42 PM
Brandon Mesa10/27/2022, 7:51 PM
sharvil10/27/2022, 8:09 PM
• Applications using Endpoint Security extensions might lose Full Disk Access authorization, impacting their ability to function. This issue doesn’t affect MDM-enabled extensions. (100857507)
• Workaround: Removing and re-adding Full Disk Access in Settings for these extensions might resolve the issue.
Brandon Mesa11/02/2022, 2:50 PM