`--logger_plugin=something_other_than_filesystem`
# kolideg
groob
11/15/2018, 3:27 PM
--logger_plugin=something_other_than_filesystemr
Ralph23
11/15/2018, 3:39 PMfor my logger pluggin i have --logger_plugin=filesystem
Ralph23
11/15/2018, 3:39 PMnothing shows up in ProgramData\osquery\log
Ralph23
11/15/2018, 3:40 PMi also added --osquery_status_log_file:\ProgramData\osquery\log
Ralph23
11/15/2018, 3:41 PMnothing works…all this on a windows end point
Ralph23
11/15/2018, 3:41 PMyes the daemon connects to kolide very easy.. so it cant be the flag file
g
groob
11/15/2018, 3:41 PM
can you run it with --tls_dump and see that your packs are being schedule?
r
Ralph23
11/15/2018, 3:41 PMim using kolide
g
groob
11/15/2018, 3:42 PM
i dont care what you’re using on the other end. I’m asking about running osquery in your shell and adding the --tls_dump flag so you can debug it
r
Ralph23
11/15/2018, 4:00 PMdid that already
Ralph23
11/15/2018, 4:00 PMnot working
g
groob
11/15/2018, 4:04 PM
what is not working
groob
11/15/2018, 4:04 PM
what are you seeing in tls_dump
r
Ralph23
11/15/2018, 4:22 PMwhy is the logger pluggin tls
Ralph23
11/15/2018, 4:25 PMHere is the flag file
6 Views