mandiant / SilkETW

Apache License 2.0
732 stars, 123 forks

SilkService and SilkETW have the same Event Log source causing SilkService to fail #4

Closed ion-storm closed 5 years ago

ion-storm commented 5 years ago

The source name for SilkService, "ETW Collector", is the same as SilkETW's; if they are both registered, it will prevent SilkService from logging to the event log.

FuzzySecurity commented 5 years ago

Thank you for the report, I will get a fix for this in the next release :thumbsup:

FuzzySecurity commented 5 years ago

This is fixed now in v0.8. At runtime I am checking if "ETW Collector" exists as a source and removing it if it does. I then associate a unique source name with the event log ("SilkETW Collector" or "SilkService Collector").

You don't need to remove the existing log before using the update, but you should be aware that until you reboot, the source name will incorrectly show "ETW Collector" for new events. This doesn't stop it from working though.
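The fix described above (retire the shared source, then register a per-component source against its own log) rests on a Windows Event Log rule: a source name is unique machine-wide and can be bound to exactly one log, so two components reusing "ETW Collector" either fail with an ArgumentException on the second CreateEventSource or silently write into the first component's log. The following is an added example, not SilkETW's own code, using the .NET System.Diagnostics.EventLog API to perform that check-and-register step idempotently. The log name "SilkService-Log" and the helper names are assumptions; the source names come from the thread.

```csharp
using System;
using System.Diagnostics;

// Added example (not from the SilkETW repository): register a uniquely named
// event source for a component, removing the stale shared source first.
static class EventSourceSetup
{
    // Returns the log the source is currently bound to, or null if unregistered.
    // "." is the local machine.
    public static string BoundLog(string source)
    {
        if (!EventLog.SourceExists(source)) return null;
        return EventLog.LogNameFromSourceName(source, ".");
    }

    // Ensure `source` is bound to `logName`, retiring `legacySource` if present.
    // Creating or deleting a source writes under
    // HKLM\SYSTEM\CurrentControlSet\Services\EventLog, so this needs elevation.
    public static void EnsureSource(string source, string logName, string legacySource)
    {
        // 1. Retire the shared source the issue describes, whichever log it is on.
        if (EventLog.SourceExists(legacySource))
        {
            Console.WriteLine($"Removing shared source '{legacySource}' " +
                              $"(bound to '{BoundLog(legacySource)}')");
            EventLog.DeleteEventSource(legacySource);
        }

        // 2. Register the unique source unless it already points at the right log.
        string current = BoundLog(source);
        if (current == null)
        {
            EventLog.CreateEventSource(source, logName);
            Console.WriteLine($"Registered '{source}' -> '{logName}'");
        }
        else if (!string.Equals(current, logName, StringComparison.OrdinalIgnoreCase))
        {
            // The failure mode from the issue: same name, different log.
            throw new InvalidOperationException(
                $"Source '{source}' is already bound to log '{current}', not '{logName}'");
        }
    }
}

class Program
{
    static void Main()
    {
        // Assumed log name; the source names are the ones from the v0.8 fix.
        EventSourceSetup.EnsureSource("SilkService Collector", "SilkService-Log", "ETW Collector");

        // Caveat noted in the thread: the Event Log service caches source-to-log
        // mappings, so entries written right after re-registration can still show
        // the old source name until the service restarts or the machine reboots.
        using (var log = new EventLog("SilkService-Log") { Source = "SilkService Collector" })
        {
            log.WriteEntry("SilkService Collector registered", EventLogEntryType.Information);
        }
    }
}
```

Run it once from an elevated prompt as part of installation rather than on every service start; the BoundLog check makes repeated runs harmless, and the explicit exception surfaces the "same source, different log" collision at install time instead of as silently missing events later.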