Channels
doorman
infrastructure
random
zercurity
community-feeds
fleet-dev
code-review
queryhub
apple-silicon
carving
tls
fim
goquery
zentral
aws
querycon
golang
zeek
file-carving
fuzzing
auditing-warroom
linen-dev
fleetosquery
plugins
jobs
arm-architecture
darkbytes
process-auditing
uptycs
android_tests
selfgroup
vendor-feeds
fleet
eclecticiq-polylogyx-extension
ebpf
website
core
general
macos
kolide
osctrl
extensions
foundation
sql
officehours
linux
windows
Title
m
Mystery Incorporated
06/22/2021, 5:23 PMYea so now wierdly it works from the cmd prompt but not when ran as a windows service
c
Chris
06/22/2021, 5:26 PMI recall having issues with the Windows service at one point. Mine was related to the exec path. In services.msc, what does your path to executable have?
mine reads:
C:\Program Files\osquery\osqueryd\osqueryd.exe --flagfile "C:\Program Files\osquery\osquery.flags"m
Mystery Incorporated
06/22/2021, 5:27 PM"C:\Program Files\osquery\osqueryd\osqueryd.exe" --flagfile="C:\Program Files\osquery\osquery.flags"c
Chris
06/22/2021, 5:29 PMYou may need to tweak the service to not have the executable quoted, only the flagfile parameter quoted
m
Mystery Incorporated
06/22/2021, 5:29 PMLooks like that gonna be a PwrShl thing eh? No ability with UI
c
Chris
06/22/2021, 5:31 PMYa. https://osquery.readthedocs.io/en/stable/installation/install-windows/
Look under the "Install manually" section. There are a couple of ways to do it. I wish I could remember which one worked for me, but I did have trouble with it.
What version of Windows are you on?
I had these issues on 2012 R2, but the installation worked fine on 2016