#windows - Does anyone know why I'd be ge

Channels

a
Adam S
5 months ago
Does anyone know why I'd be getting this error with osqueryi "W0107 10:18:27.182194 1508 options.cpp:101] Cannot set unknown or invalid flag: utc" - installed via chocolatey and is version 5.2.0.
s
sharvil
5 months ago
```
utc
```
flag was removed in version 5.2.0
a
Adam S
5 months ago
this was a brand new install, not settings have been changed.
Stefano Bonicatti
5 months ago
Ah, it has been removed but we did not remove it from the
```
osquery.example.conf
```
which on Windows (only) is renamed and used as a base
```
osquery.conf
```
a
Adam S
5 months ago
so temporarily, i'll need to edit the osquery.conf file on the install?
s
sharvil
5 months ago
yep, just remove the
```
utc
```
line from the config file
a
Adam S
5 months ago
Seems like there may be a little more that needs to be updated in the default osquery.conf file for windows. Removing the line for utc is causing the conf to be invalid. "update failed to parse config" after removing the "utc" line.
s
sharvil
5 months ago
Make sure it’s valid json? The trailing comma from the line above might need to be removed too

View count: 2