Yea so now wierdly it works from the cmd prompt bu...
# fleetm
Mystery Incorporated
06/22/2021, 5:23 PMYea so now wierdly it works from the cmd prompt but not when ran as a windows service
c
Chris
06/22/2021, 5:26 PMI recall having issues with the Windows service at one point. Mine was related to the exec path. In services.msc, what does your path to executable have?
mine reads:
Copy code
C:\Program Files\osquery\osqueryd\osqueryd.exe --flagfile "C:\Program Files\osquery\osquery.flags"m
Mystery Incorporated
06/22/2021, 5:27 PM Copy code
"C:\Program Files\osquery\osqueryd\osqueryd.exe" --flagfile="C:\Program Files\osquery\osquery.flags"c
Chris
06/22/2021, 5:29 PMYou may need to tweak the service to not have the executable quoted, only the flagfile parameter quoted
m
Mystery Incorporated
06/22/2021, 5:29 PMLooks like that gonna be a PwrShl thing eh? No ability with UI
c
Chris
06/22/2021, 5:31 PMYa. https://osquery.readthedocs.io/en/stable/installation/install-windows/
Look under the "Install manually" section. There are a couple of ways to do it. I wish I could remember which one worked for me, but I did have trouble with it.
Chris
06/22/2021, 5:32 PMWhat version of Windows are you on?
I had these issues on 2012 R2, but the installation worked fine on 2016