Closed djoreilly closed 4 months ago
For some reason the audit plugin does not see SERVICE_START events when velociraptor-client runs as a systemd service on SLES. The same works on Tumbleweed, and when run outside of systemd on SLES. Fix by using the watch_journal plugin instead.
For some reason the audit plugin does not see SERVICE_START events when velociraptor-client runs as a systemd service on SLES. The same works on Tumbleweed, and when run outside of systemd on SLES. Fix by using the watch_journal plugin instead.