Sysinternals / SysmonForLinux

MIT License

sysmonUnitTests fail on Ubuntu 22.04 #80

Closed adriankaylor closed 1 year ago

adriankaylor commented 1 year ago

There were no issues building SysinternalsEBPF or SysmonForLinux, but the sysmonUnitTests fails to get Process.ProcessName. I've done some light testing and everything else appears to work. I tried looking for an event that includes ProcessName, but I can't find it in my other sysmon logs or in the docs.

/home/XXX/SysmonForLinux/test/linuxRules.cpp:262: Failure
Expected equality of these values:
  strcmp( pName, test.match )
    Which is: -109
  0
/home/XXX/SysmonForLinux/test/linuxRules.cpp:262: Failure
Expected equality of these values:
  strcmp( pName, test.match )
    Which is: -109
  0
/home/XXX/SysmonForLinux/test/linuxRules.cpp:262: Failure
Expected equality of these values:
  strcmp( pName, test.match )
    Which is: -109
  0
[  FAILED  ] Process.ProcessName (83 ms)

Ending with:

[==========] 19 tests from 4 test suites ran. (641 ms total)
[  PASSED  ] 18 tests.
[  FAILED  ] 1 test, listed below:
[  FAILED  ] Process.ProcessName

 1 FAILED TEST

ion-storm commented 1 year ago

Same issue here, any updates?

MarioHewardt commented 1 year ago

@adriankaylor - With the latest changes to Sysmon, I'm not able to reproduce this anymore. Could you try and let me know if it reproduces for you?

MarioHewardt commented 1 year ago

This should now be fixed.