Forum Discussion
ATP sensor on Server 2016 DC crashing.
MicrosoftCan you share in a private message:
What is the workspace ID ?
What is the machine name?
What version of the sensor package are you using ? is it the latest?
I want to focus on it and see what telemetries it is sending.
Does it also happen on a fresh machine or only on this one?
The updater service kicks in every 30 sec or so, and only does something if it finds a new version at the back end, which happens mostly once a week unless we need to patch something quickly, so unless you are using an old package, the updater should not really do anything post running for the first time until we really release a new version. (newest today is 2.106)
Thanks for the assist. I guess to help others. In my case a 3rd party app was pushing out Nmap and along with it came Npcap. I hadn't noticed because it wasn't by the typical methods of installs we utilize. As well as there was no trace of Nmap itself. Once I ran ProcMon once again with some slight modifications to the filter as suggested by EliOfek I was able to find the culprit and fix my issue. The problem is now gone and I have documentation for historical sake.
Thanks again.