Looks like sysmon was updated yesterday 4/28/2020 and latest release is crashing in vagrant windows server/domain controller image:
TASK [sysmon : install sysmon with defined config] *****************************
fatal: [attack-range-windows-domain-controller]: FAILED! => {"changed": true, "cmd": "\"c:\\Program Files\\ansible\\sysmon\\sysmon64.exe\" -n -accepteula -i \"c:\\Program Files\\ansible\\SysmonConfig-TSwift.xml\"", "delta": "0:00:00.562545", "end": "2020-04-29 07:35:20.433389", "msg": "non-zero return code", "rc": 3221225477, "start": "2020-04-29 07:35:19.870843", "stderr": "", "stderr_lines": [], "stdout": "\r\nSystem Monitor v11.0 - System activity monitor\r\nCopyright (C) 2014-2020 Mark Russinovich and Thomas Garnier\r\nSysinternals - www.sysinternals.com\r\n\r\n", "stdout_lines": ["", "System Monitor v11.0 - System activity monitor", "Copyright (C) 2014-2020 Mark Russinovich and Thomas Garnier", "Sysinternals - www.sysinternals.com", ""]}
PLAY RECAP *********************************************************************
attack-range-windows-domain-controller : ok=40 changed=34 unreachable=0 failed=1 skipped=2 rescued=0 ignored=0
Traceback (most recent call last):
File "attack_range.py", line 151, in <module>
controller.build()
File "/Users/jhernandez/splunk/attack_range/modules/VagrantController.py", line 54, in build
v1.up(provision=True)
File "/Users/jhernandez/splunk/attack_range/venv/lib/python3.7/site-packages/vagrant/__init__.py", line 337, in up
self._call_vagrant_command(args)
File "/Users/jhernandez/splunk/attack_range/venv/lib/python3.7/site-packages/vagrant/__init__.py", line 963, in _call_vagrant_command
stderr=err_fh, env=self.env)
File "/usr/local/Cellar/python/3.7.4/Frameworks/Python.framework/Versions/3.7/lib/python3.7/subprocess.py", line 347, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['/usr/local/bin/vagrant', 'up', '--provision']' returned non-zero exit status 1.
Looks like sysmon was updated yesterday 4/28/2020 and latest release is crashing in vagrant windows server/domain controller image: