Mario Hewardt

icon indicating a website link https://hachyderm.io/@mariohewardt

icon company Microsoft icon location Seattle icon location Principal Software Engineer, Azure Office of the CTO at Microsoft (Sysinternals). Author of Advanced Windows Debugging and Advanced .NET Debugging.

Results 123 comments of Mario Hewardt

Build errors concerning discoverOffsets.c

Hi - Sysmon for Linux is currently only available on amd64. We haven't tested/fixed for other architectures yet.

Problems logging rules

There was an issue with the rule names which I just fixed. If you want to give it a try and let me know that would be great. For now...

Problems logging rules

Closing since you were able to verify it now works.

Is RHEL7 supported?

I've pushed a fix that should resolve the issue on RHEL8. You will have to run getOffsets (https://github.com/Sysinternals/SysinternalsEBPF/tree/main/getOffsets) to get this to work.

License conflict

Hi - Agreed, it does create some confusion. I've removed the EULA

Missing #include <cstdio> in networkTracker.cpp

Closing for now. Please reopen if the issue persists with the latest changes.

Create shell scripts to install per distro dependencies for build

I've removed the dependency on Mono and updated all the build instructions.

add systemd hardening options - #26

Sorry for the delay here. I'll spend some time next couple of days testing this out and let you know.

sysmonUnitTests fail on Ubuntu 22.04

@adriankaylor - With the latest changes to Sysmon, I'm not able to reproduce this anymore. Could you try and let me know if it reproduces for you?

sysmonUnitTests fail on Ubuntu 22.04

This should now be fixed.