Encountered the following error when running .\endpoint-security.exe verify in PowerShell:
Program 'endpoint-security.exe' failed to run: Windows cannot verify the digital signature for this file. A recent
hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be
malicious software from an unknown sourceAt line:1 char:1
+ .\endpoint-security.exe verify
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~.
At line:1 char:1
+ .\endpoint-security.exe verify
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceUnavailable: (:) [], ApplicationFailedException
+ FullyQualifiedErrorId : NativeCommandFailed
Good Morning, thanks for checking out endpoint-security. Currently the endpoint binary is only test signed in the snapshot builds. In order for it to run, test signing will have to be enabled on the machine you're attempting to run it on.
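Added example, not part of the original posts and not Elastic's own tooling: a read-only PowerShell check of the two things the reply above refers to, how Windows rates the binary's Authenticode signature and whether test signing is enabled for the current boot entry. The file location (current directory) is an assumption.

```powershell
# Added example. Assumption: endpoint-security.exe sits in the current directory.
$binary = Join-Path (Get-Location) 'endpoint-security.exe'

# 1. How does Windows rate the Authenticode signature on the binary?
#    A test-signed build normally does not come back as 'Valid', because its
#    certificate does not chain to a root the machine trusts.
$sig = Get-AuthenticodeSignature -FilePath $binary
[pscustomobject]@{
    File          = $binary
    Status        = $sig.Status
    StatusMessage = $sig.StatusMessage
    Subject       = $sig.SignerCertificate.Subject   # empty if the file is unsigned
    Issuer        = $sig.SignerCertificate.Issuer
    NotAfter      = $sig.SignerCertificate.NotAfter
} | Format-List

# 2. Is test signing enabled for the current boot entry?
#    bcdedit needs an elevated prompt; the value text is localized, so it is
#    reported as-is rather than compared against 'Yes'.
$bcd = bcdedit /enum '{current}' 2>&1
if ($LASTEXITCODE -ne 0) {
    Write-Warning 'bcdedit failed; run this from an elevated PowerShell session.'
    return
}
$match = $bcd | Select-String -Pattern '^\s*testsigning\s+(\S+)' |
    Select-Object -First 1
$testSigning = if ($match) { $match.Matches[0].Groups[1].Value } else { 'not set' }
"testsigning boot option: $testSigning"

# 3. Put the two results together.
if ($sig.Status -eq 'Valid') {
    'Signature is trusted; test signing is not needed for this build.'
} elseif ($testSigning -eq 'not set') {
    'Signature is not trusted and test signing is not set on this machine.'
    # On a lab machine only: bcdedit /set testsigning on, then reboot.
    # Secure Boot must be disabled for that option to take effect.
} else {
    'Signature is not trusted; check the testsigning value reported above.'
}
```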
@hendry.lim - thanks for trying out Elastic Endpoint Security!
The endpoint security capabilities available in 7.9 are in the basic licensing tier. You should see these under the Security app (previously, the SIEM app) in the Kibana UI. Can you verify which version of Kibana you are using? (If you’re not using the 7.9.0 snapshot of Kibana, you will not see the Security app in the UI)
I just found out (silly me) that the events have to be endpoint generated events for the button to be enabled.
Which button are you referencing?
Regarding licensing, the capabilities available today will remain in Basic in 7.10. Future releases may have capabilities that will only be available in Gold + tiers.
This is the first time that the Elastic Endpoint will be released under Basic, so this is my first chance to explore it. We have a Platinum Trial license, but this was only available in the Enterprise license, hence the question regarding the licensing.
In fact, I have been exploring and testing out different aspects of 7.9.0-SNAPSHOT releases and reporting issues/bugs that I found to GitHub directly.
In addition, one of our Elastic customers is planning to do pilot deployment of Elastic Agent when 7.9.0 is released, hence it is my responsibility to advise them on the gotchas/limitations on this first beta release.
Deployment was easy with the Elastic Agent, but I have never tried to deploy a standalone endpoint-security agent. However, in this version, there is not much configuration that can be done on the endpoint-security agent.
Just a little bit of background info, the company I am working with is an Elastic focus partner in SG. Our partner manager is Anthony Jose.