Sysinternals / SysmonForLinux

MIT License

Installing SysmonForLinux from Repository is failing #123

Closed v4lt0n closed 10 months ago

v4lt0n commented 1 year ago

Installing SysmonForLinux from Repository is failing

journalctl -xe
Apr 26 13:49:57 intel sysmon[395239]: Using libxml2. libxml2 is Copyright (C) 1998-2012 Daniel Veilla>
Apr 26 13:49:57 intel sysmon[395239]: Loading configuration file with schema version 4.22
Apr 26 13:49:57 intel sysmon[395239]: Sysmon schema version: 4.81
Apr 26 13:49:57 intel sysmon[395239]: Configuration file validated.
Apr 26 13:49:57 intel sysmon[395284]: Found Kernel version: 5.15
Apr 26 13:49:57 intel sysmon[395284]: Using EBPF object: .//sysmonEBPFkern5.6-_core.o
Apr 26 13:49:57 intel sysmon[395284]: libbpf: Failed to bump RLIMIT_MEMLOCK (err = -1), you might nee>
Apr 26 13:49:57 intel sysmon[395284]: libbpf: Error in bpf_object__probe_loading():Operation not perm>
Apr 26 13:49:57 intel sysmon[395284]: libbpf: failed to load object './/sysmonEBPFkern5.6-_core.o'
Apr 26 13:49:57 intel sysmon[395284]: ERROR: failed to load prog: 'Operation not permitted'
Apr 26 13:49:57 intel sysmon[395239]: Telemetry failed to start: eBPF object could not be loaded
Apr 26 13:49:57 intel systemd[1]: sysmon.service: Control process exited, code=exited, status=12/n/a
-- Subject: Unit process exited

OS ubuntu 22

MarioHewardt commented 1 year ago

Hi - Are you running with sudo? Also, can you please add the additional information that is requested in the bug template?

v4lt0n commented 1 year ago

Hi, I'm running this as root

MarioHewardt commented 1 year ago

Can you tell me more about your environment? Are you running this in a container? Also, please provide the information that is listed in the bug template when you create an issue:

Describe the bug: A clear and concise description of what the bug is.

To Reproduce: Steps to reproduce the behavior.

Sysmon version: Version of Sysmon or if built from source.

Distro/kernel version: The distribution and kernel version.

Sysmon configuration: The Sysmon configuration when the issue occurred.

Logs: Output of syslog with enough log entries to cover the timespan of the issue. Please run sysmon with the -t switch.

Expected behavior: A clear and concise description of what you expected to happen.

Additional context: Add any other context about the problem here.

MarioHewardt commented 10 months ago

Hi - Closing this for now. Please feel free to re-open with the requested information.
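
The environment questions raised in this thread (root or not, container or not) can be answered from the process's effective capabilities and its RLIMIT_MEMLOCK hard limit, which are the conditions the two libbpf errors in the log depend on. The following is an added example, not code from the thread or from the SysmonForLinux project; the function names and the sample status text are constructed for illustration, and the bit numbers are those in linux/capability.h.

```python
import os
import resource

# Capability bit numbers from linux/capability.h.
CAPS = {"CAP_SYS_ADMIN": 21, "CAP_SYS_RESOURCE": 24, "CAP_PERFMON": 38, "CAP_BPF": 39}

def decode_caps(cap_eff_hex):
    """Map each capability of interest to True/False from a CapEff hex mask."""
    mask = int(cap_eff_hex, 16)
    return {name: bool(mask >> bit & 1) for name, bit in CAPS.items()}

def read_cap_eff(status_text):
    """Extract the CapEff field from the text of /proc/<pid>/status."""
    for line in status_text.splitlines():
        if line.startswith("CapEff:"):
            return line.split()[1]
    raise ValueError("no CapEff line found")

def findings(uid, caps, memlock_hard):
    """Return notes on conditions tied to the logged RLIMIT_MEMLOCK and EPERM errors."""
    notes = []
    if uid == 0 and not caps["CAP_SYS_ADMIN"]:
        notes.append("uid 0 but CAP_SYS_ADMIN is missing, as in a container "
                     "with a reduced capability set")
    if not (caps["CAP_SYS_ADMIN"] or caps["CAP_BPF"]):
        notes.append("neither CAP_SYS_ADMIN nor CAP_BPF: tracing eBPF programs "
                     "cannot be loaded")
    if memlock_hard != resource.RLIM_INFINITY and not caps["CAP_SYS_RESOURCE"]:
        notes.append("finite RLIMIT_MEMLOCK hard limit and no CAP_SYS_RESOURCE: "
                     "the limit cannot be raised")
    return notes

# Constructed sample: /proc/self/status excerpt from a root shell whose
# capability set lacks bits 21, 24, 38 and 39.
SAMPLE_STATUS = "Name:\tbash\nUid:\t0\t0\t0\t0\nCapEff:\t00000000a80425fb\n"

if __name__ == "__main__":
    # Run as the same user, and in the same container or namespace, as sysmon.
    with open("/proc/self/status") as fh:
        caps = decode_caps(read_cap_eff(fh.read()))
    _, hard = resource.getrlimit(resource.RLIMIT_MEMLOCK)
    print("euid:", os.geteuid(), "caps:", caps, "memlock hard:", hard)
    for note in findings(os.geteuid(), caps, hard):
        print("NOTE:", note)
```

An empty list of notes does not rule out other sources of "Operation not permitted", such as a seccomp profile or kernel lockdown, which this script does not inspect.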