Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
y
YehonatanShami
04/30/2019, 12:44 PMAnd has anyone experienced the extension crashing with error
Extension respawning too quickly: C:\ProgramData\osquery\plgx_win_extension.ext.exe
Created and monitoring child (20340): C:\ProgramData\osquery\plgx_win_extension.ext.exe
Refusing to reister duplicate extension plgx_win_extension
Duplicate extension registeredo
OpenPlgx
04/30/2019, 12:55 PMcurious to know more on this. Anything specific that you can recall which led to this state?
y
YehonatanShami
04/30/2019, 2:10 PMNot yet, only that it happends both with osqueryd and osqueryi after running for a certain amount of time, only that osqueryd doesn't reload the extension
Any news about this?
m
manu
05/13/2019, 7:59 AMrunning osqueryd and osqueryi with config to launch the plgx extension, is not supported. as only 1 instance of the extn process can be executing at anytime and that is detected and flagged.
If one needs to have a shell for testing/experimentation then
c:\ProgramData\osquery\osqueryd\osqueryd.exe -S --flagfile=C:\ProgramData\osquery\osquery.flagsas the default installation and use case for launching and monitoring would be running in daemon mode (service)