Channels
doorman
infrastructure
random
zercurity
community-feeds
fleet-dev
code-review
queryhub
apple-silicon
carving
tls
fim
goquery
zentral
aws
querycon
golang
zeek
file-carving
fuzzing
auditing-warroom
linen-dev
fleetosquery
plugins
jobs
arm-architecture
darkbytes
process-auditing
uptycs
android_tests
selfgroup
vendor-feeds
fleet
eclecticiq-polylogyx-extension
ebpf
website
core
general
macos
kolide
osctrl
extensions
foundation
sql
officehours
linux
windows
Title
g
groob
11/15/2018, 3:27 PM--logger_plugin=something_other_than_filesystemr
Ralph23
11/15/2018, 3:39 PMfor my logger pluggin i have --logger_plugin=filesystem
nothing shows up in ProgramData\osquery\log
i also added --osquery_status_log_file:\ProgramData\osquery\log
nothing works…all this on a windows end point
yes the daemon connects to kolide very easy.. so it cant be the flag file
g
groob
11/15/2018, 3:41 PMcan you run it with --tls_dump and see that your packs are being schedule?
r
Ralph23
11/15/2018, 3:41 PMim using kolide
g
groob
11/15/2018, 3:42 PMi dont care what you’re using on the other end. I’m asking about running osquery in your shell and adding the --tls_dump flag so you can debug it
r
Ralph23
11/15/2018, 4:00 PMdid that already
not working
g
groob
11/15/2018, 4:04 PMwhat is not working
what are you seeing in tls_dump
r
Ralph23
11/15/2018, 4:22 PMwhy is the logger pluggin tls
Here is the flag file