Wojtek
12/15/2020, 10:16 AMWojtek
12/15/2020, 10:53 AMArtem
12/15/2020, 1:40 PMsha256sum fleet.zip
command returns different result 1476e27814861bc7964f1c0db122cb156d56996f1612518c330c522ba24368f4
for fleet.zip in http://github.com/fleetdm/fleet/releases/tag/3.5.1. Is it okay?Artem
12/15/2020, 2:17 PMosquery_scheduled
returned denylisted=1 for query, but without any hardware utilization metrics. In my opinion, it looks like mismatch. Is it a way to remove this special query from denylist without direct access to client laptop and not to wait 24 hours?CptOfEvilMinions
12/15/2020, 5:49 PMmysql_password
accepts a string but is it possible to provide a path to a file that contains the password, say to a Docker secret: /run/secrets/fleetdm-mysql-password
? I assume the answer is it’s not supported currently but I wanted to ask.maxwhite
12/15/2020, 8:02 PMlauncher
works with the new fleet
? If not, what is the preferred method to deploy? (We were packaging launcher
and deploying it through MDM)
Thank you,demonbhao
12/16/2020, 3:55 AMkoba
12/16/2020, 9:10 AMWojtek
12/16/2020, 11:20 AMSeth Hanford
12/16/2020, 8:11 PMDan Achin
12/16/2020, 10:03 PMGitHub (Legacy)
12/18/2020, 12:09 AMGitHub (Legacy)
12/18/2020, 3:45 AMCptOfEvilMinions
12/18/2020, 6:04 PMAhmed
12/18/2020, 6:20 PMnyanshak
12/18/2020, 10:20 PMChris Reisor
12/22/2020, 4:29 PMdb.m4.4xlarge
type host. Is that normal? Why are there so many database connections?Chris Reisor
12/22/2020, 4:30 PM/tmp/osquery_status
files. My gut says this is related to the lack of database connections (like, osquery_status gets cleared when it gets written to the database, or something). Is that correct?Chris Reisor
12/23/2020, 9:42 PMJuan Alvarez
12/28/2020, 10:48 AMoverrides
section for all linux platforms? In example, i want to enable enable_syslog
flag for all linux boxes, from what i see i need to have a section for ubuntu, rhel, centos... isnt it?demonbhao
01/04/2021, 10:13 AMWojtek
01/05/2021, 8:45 PMDan Achin
01/06/2021, 8:17 PMdemonbhao
01/08/2021, 9:06 AMZach Zeid
01/08/2021, 5:15 PMDan Achin
01/11/2021, 7:28 PMgrant seltzer
01/11/2021, 8:45 PMZach Zeid
01/13/2021, 6:45 PMCore
and Basic
?Dan Achin
01/13/2021, 6:59 PMzwass
01/13/2021, 7:45 PMzwass
01/13/2021, 7:45 PMJustin Bowen
01/13/2021, 8:03 PMzwass
01/13/2021, 8:25 PMCarlo Miguel Cruz
01/13/2021, 8:41 PMerr":"enrolling host: transport error in enrollment: rpc error: code = Unavailable desc = unavailable"
) from launcher. The fleetdm web console also gets HTTP error 502 Bad Gateway
on HTTP2. The web console gets HTTP error 464
when we set the target group to gRPC. That is why we went back to using NLB.zwass
01/13/2021, 10:00 PMCarlo Miguel Cruz
01/14/2021, 5:20 AMrpc error: code = Unavailable desc = unavailable
so we can act on it. We are still investigating as well. Were there similar reports like this before?--insecure --insecure_transport
still did not allow gRPC to connect directly to the fleetdm server.
So what we did for now is to terminate SSL on the application load balancer for the UI using AWS ACM. We used a separate network load balancer for the gRPC connection and just terminated the SSL directly on the fleetdm pods using a self-signed certificate. We have separate endpoints now for accessing the UI and for the gRPC connections.
Thanks for helping us. I hope you may find our feedback useful as well. All the best!