Hi All, I am having one issue related to windows, ...
# kolides
SRGNR
06/16/2020, 6:42 AMHi All, I am having one issue related to windows, we are using osquery 2.11.2 version on windows systems and fleet version 2.1.2, earlier it was fine, but all of sudden none of the windows systems shows online on the kolide dashboard, even though the systems are UP and osqueryd daemon is running fine on the system... Need help on this, where it is breaking and how to fix it..
s
seph
06/16/2020, 11:09 AM
Can you send any logs or errors from osquery?
s
SRGNR
06/16/2020, 12:39 PMI am not getting any errors when run the osquery daemon on the windows system and also not seeing any kind of logs on the kolide fleet which is running on the k8s... And the existing windows systems are showing off line which was fine earlier. Not sure which caused to those windows system to stop functioning...
s
seph
06/16/2020, 2:28 PM
You need the osquery logs
seph
06/16/2020, 2:29 PM
I don’t offhand know where osquery logs to when it’s a windows service.
seph
06/16/2020, 2:29 PM
You might be able to start it from a cmd or powershell and see what it’s doing.