Channels
- l
Luke Walker
4 months agoany documentation on what permissions osquery needs to run? working a strange case where osqueryi.exe on Windows 10 dies with exit code -1073741511 (0xC0000139), and no other message. Execution is being handled by an RMM, but it is running under LocalSystem/SYSTEM. 
Stefano Bonicatti
4 months agoWhat version of osquery?
That message might be relative to the fact that’s not finding a dll it needs to run. That been said, osquery can also run as a normal user, you won’t have access to everything in the tables, but it shouldn’t be unable to run, especially not throw an exception- l
Luke Walker
4 months agowish I knew which DLL it was talking about then
version is 5.2.1
if I move osqueryi.exe directly into
, it works. Might be something quirky with environment & .NET, I'll have to go digging there later. At least it works now.%windir%\System32
View count: 2