I’m having some trouble with some Linux machines that were recently brought into our environment. We traditionally have been a Windows-only shop, so this may be purely down to my own lack of knowledge.
We run an AV product called EndGame which we can detect a service for and the version of the executable from Windows without a problem.
On the Ubuntu machines, I can only get an analysis to report that the service is running, but I am not able to get a version to report back. We opened a ticket with the vendor and apparently the only way to display the version from the client OS is to run “sudo /usr/sbin/esensor --version”.
I’m only aware of the basics for analysis, like version of “file” or version of service “service”. I cannot figure out how to get this command converted to use in an analysis for reporting, and I am wondering if sudo is getting in the way or whether there is a way to call the version in the same fashion as from the guest OS terminal.
Any insights are greatly appreciated!