Hello,
We have fully upgraded Sysmon to the latest version, 13.31. During the upgrade I found out that 3 servers had a problem with the upgrade:
The computer has rebooted from a bugcheck. The bugcheck was: 0x00000171 (0x000000006e737276, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000).
From the minidumps I saw that the issue is related to the driver rspndr.sys. The mentioned servers are not clusters, only standalone servers, so the bugcheck is a surprise (https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/bug-check-0x171--cluster-csv-clussvc-disconnect-watchdog).
I used the standard steps to uninstall the previous version by running the command: c:\windows\sysmon64.exe -u force
I installed the new version of Sysmon with the new configuration by running the command: sysmon64.exe -accepteula -i c:\temp\Sysmon_13.31_conf.xml
Do you know more about the mentioned issue? Are there any steps to fix it? The OS is Windows 2012.
Best regards
Jan
I added more details.