jby
11/25/2020, 3:00 PMdemonbhao
11/26/2020, 6:48 AMJan Jacobs
11/26/2020, 6:57 PMvaar
11/28/2020, 7:14 PMjby
11/30/2020, 11:53 AMRyan
11/30/2020, 5:34 PMccombs
12/01/2020, 5:30 PM--config_tls_endpoint
flag. Does fleet not implement this?Dan Achin
12/01/2020, 6:49 PMCptOfEvilMinions
12/01/2020, 11:54 PMfleetdm/fleet:3.4.0
) I still see logos for Kolide and it appears to be the Kolide UI and not the new FleetDM UI. I even tried the osquery-in-a-box and got the same result, is this expected?
Github repo with Docker build: https://github.com/CptOfEvilMinions/FleetDM-Dockerjby
12/02/2020, 8:44 AMosquery-in-a-box
setup, I can populate it with data from a Linux (Fedora 32) host by running osqueryd manually from the command line:
osqueryd --flagfile /etc/osquery/flags.txt --config_path /etc/osquery/osquery.conf
But starting osqueryd using systemctl doesn’t work, I’ve checked /etc/sysconfig/osqueryd and it points to the same files as I point to running it manually (and can be verified by running ps
after starting) but still it doesn’t communicate with my fleet instance.
Anyone seen the same and found a solution?Dan Achin
12/02/2020, 11:57 PMkoba
12/03/2020, 2:10 PMmikermcneil
12/03/2020, 5:28 PMGavin
12/03/2020, 6:08 PMzwass
fleetctl apply -f secrets.yml
that looks like this:
---
apiVersion: v1
kind: enroll_secret
spec:
secrets:
- active: true
created_at: "2020-11-18T17:18:48Z"
name: default
secret: fTp52/twaxBU6gIi0J6PHp8o5Sm1k1kn
- active: true
created_at: "2020-11-18T17:18:48Z"
name: foo
secret: fTp52/twaxBU6gIi0J6PHp8o5Sm1k1kn
- active: true
created_at: "2020-11-18T17:18:48Z"
name: bar
secret: fTp52/twaxBU6gIi0J6PHp8o5Sm1k1kn
demonbhao
12/08/2020, 6:34 AMArtem
12/08/2020, 1:47 PMZach Zeid
12/08/2020, 11:38 PMAlejandro
12/09/2020, 10:13 AMAhmed
12/10/2020, 2:44 AMChad Priest
12/10/2020, 6:11 PMzwass
Zach Zeid
12/11/2020, 12:31 PMFailed enrollment request to https://
I highly suspect it's something to do with my tls cert on the fleet having been expired, but the osquery flagfile isn't referencing mTLS config options, instead relying on the enrollment secret.wtheaker
12/11/2020, 9:48 PMZach Zeid
12/11/2020, 10:15 PMZach Zeid
12/11/2020, 10:15 PMWojtek
12/14/2020, 10:19 AMjby
12/14/2020, 12:51 PMosquery-in-a-box
docker setup?nyanshak
12/14/2020, 6:50 PMfleetctl get carves --help
, I don't see any help text for:
• --stdout / --outfile (so I don't know those options exist)
• and I know the docs exist and mention tar out, but it took me a minute to figure out that carves would be in a tar archiveJuan Alvarez
12/14/2020, 6:56 PM