https://github.com/osquery/osquery logo
Powered by
#linux
Title
# linux
f

Fran Rodríguez

06/18/2020, 4:08 PM
Hi someone know what this means:
Copy code
I0618 16:07:50.096029 13511 auditdnetlink.cpp:616] Failed to acquire the netlink handle
s

sundsta

06/18/2020, 4:09 PM
Usually it means osqueryd doesn’t have the permissions required to modify the audit settings (EG: not running as root or not having 
CAP_AUDIT_CONTROL
)
The lines preceding that should give you more info
f

Fran Rodríguez

06/18/2020, 4:12 PM
👌
It is running as a root
but im running osquery as root
this is ubuntu 16.04
2 Views
Powered by