Hi someone know what this means:
``` I0618 16:07:5...
# linuxf
Fran Rodríguez
06/18/2020, 4:08 PMHi someone know what this means:
Copy code
I0618 16:07:50.096029 13511 auditdnetlink.cpp:616] Failed to acquire the netlink handles
sundsta
06/18/2020, 4:09 PMUsually it means osqueryd doesn’t have the permissions required to modify the audit settings (EG: not running as root or not having
CAP_AUDIT_CONTROLsundsta
06/18/2020, 4:10 PMThe lines preceding that should give you more info
f
Fran Rodríguez
06/18/2020, 4:12 PM👌
Fran Rodríguez
06/18/2020, 4:12 PMIt is running as a root
Fran Rodríguez
06/18/2020, 4:22 PMi see your ticket https://github.com/osquery/osquery/issues/6121
Fran Rodríguez
06/18/2020, 4:23 PMbut im running osquery as root
Fran Rodríguez
06/18/2020, 4:32 PMthis is ubuntu 16.04
2 Views