Sysinternals / SysmonForLinux

MIT License

Windows Event Log not created #113

Closed stesch79 closed 1 year ago

stesch79 commented 1 year ago

Describe the bug We observed on approx. 1% of installations that the Sysmon event log was not created after Sysmon was "successfully" installed

To Reproduce Install Sysmon via command line in SYSTEM context (but not always reproducible)

Sysmon version 14.14 and lower

Distro/kernel version n/a

Sysmon configuration n/a

Logs n/a

Expected behavior Sysmon Event Log created after installation

Additional context n/a

MarioHewardt commented 1 year ago

Hi,

Please specify which distro/kernel version you are experiencing this on. Additionally, please specify the -t switch when starting sysmon (e.g., sudo sysmon -t -i config_file) and attach syslog to this issue.

stesch79 commented 1 year ago

Hi Mario

Thanks for your follow-up. You can close the issue as we are using Windows OS and not Linux OS.

Didn’t realize that GitHub is only for Linux support.

Kind regards, Stephan

From: Mario Hewardt @.> Sent: Monday, 27 March 2023 19:40 To: Sysinternals/SysmonForLinux @.> Cc: Schnider, Stephan @.>; Author @.> Subject: Re: [Sysinternals/SysmonForLinux] Windows Event Log not created (Issue #113)


MarioHewardt commented 1 year ago

No worries. If you want to report issues for the Windows Sysinternals tools, you can report them here - syssite@microsoft.com