Nedim Šabić²

Hey @cocowalla! Thanks. During bootstrap, Fibratus builts a [snapshot](https://www.fibratus.io/#/kevents/process?id=process-state) of running processes that are published on behalf of the NT Kernel Logger provider. Each process in the snapshot contains the...

Hi @LordNoteworthy, Correct, it was Python, but I rewrote/redesigned from scratch in Go, a couple of years ago. There is still possibility to run the Python code (filaments) via CPython...

> Mainly Linux and OSX. Some folks will be running this pkg on linux containers or something alike It crystallized after you mentioned `pe` underpins the Saferwall service which would...

It would be nice if go-zookeeper had a native support for setting TTL on nodes.

Hi @jrcribb Thanks for the bug report! Meanwhile the fix lands, you can work around this by specifying the config file path: ```bash fibratus run --config-file=d:\software\fibratus\config\fibratus.yml ```

Hi @subvert0r , Thanks for raising this issue. Under which circumstances do you observe lost events, i.e. rule context or when setting the filter with both event type and registry...

Hey @subvert0r , Did you have a chance to follow up with this?

Thanks @dfirence! Process integrity level, privileges, token information, etc. is certainly on my radar. :) If I provide some general guidelines on how to enrich process state with this new...

@dfirence you marked this issue as completed but I'm not seeing any backing PRs. Was this intended?

Understood. It is fine to keep the issue open as I'll be tackling this in near future.