Poornesh
07/29/2022, 5:08 AMKathy Satterlee
07/29/2022, 2:52 PMRafa
07/29/2022, 5:35 PMmarnin
07/29/2022, 7:50 PM400. Summary or Text is required
is on Fleet or Teams?
Jul 29 14:32:08 fleet fleet: {"component":"crons","cron":"webhooks:global_failing_policies","err":"posting to \"<https://domain.webhook.office.com/webhookb2/8c786114-5da2-44e3-b414-5b6ea83a0c9e@b92d2b23-4d35-4470-93ff-69aca6632ffe/IncomingWebhook/4d0f8d96de1b486aa8c9a46832bb0940/22c87884-c8a7-42d4-960f-8c2403708e9d>\": error posting to <https://domain.webhook.office.com/webhookb2/8c786114-5da2-44e3-b414-5b6ea83a0c9e@b92d2b23-4d35-4470-93ff-69aca6632ffe/IncomingWebhook/4d0f8d96de1b486aa8c9a46832bb0940/22c87884-c8a7-42d4-960f-8c2403708e9d>: 400. Summary or Text is required.","level":"error","msg":"failed to send failing policies","policyID":20,"ts":"2022-07-29T18:32:08.481657287Z","webhook":"failing_policies"}
Adam Connor
07/30/2022, 4:09 AMAdam Connor
07/31/2022, 3:07 AMTarek Talaat
08/01/2022, 6:29 PMRafa
08/01/2022, 9:15 PMjimmy
07/31/2022, 1:27 PMryan
08/03/2022, 1:37 PMNathaniel Strauss
08/03/2022, 3:08 PMpeanut butter
08/03/2022, 3:48 PMRafa
08/03/2022, 9:10 PMcron=vulnerabilities cron=vulnerabilities databases-path=/tmp/vulndbs
but I manually entered in this directory in each node and it is empty. This folder has read and write permissions. Is there another env that I have to set? Version 4.18jlk
08/04/2022, 1:26 AM$ fleetctl
/home/parallels/.nvm/versions/node/v16.16.0/lib/node_modules/fleetctl/install/v4.18.0/fleetctl: 1: Syntax error: "(" unexpected
jlk
08/04/2022, 1:51 AMfleetctl package --type=msi --fleet-url=<https://my.fqdn> --enroll-secret=adlfkjsadf --insecure --fleet-desktop
Generating your osquery installer...
standard_init_linux.go:228: exec user process caused: exec format error
Error: package root files: heat failed: exit status 1
jlk
08/04/2022, 1:52 AMOjas
08/04/2022, 5:56 AMVlad Previn
08/04/2022, 7:18 AMJason
08/04/2022, 12:31 PMJoe
08/04/2022, 4:42 PM[user@server ~]$ osqueryctl config-check
W0804 09:25:28.146324 9466 options.cpp:106] The CLI only flag --config_plugin set via config file will be ignored, please use a flagfile or pass it to the process at startup
W0804 09:25:28.146414 9466 options.cpp:106] The CLI only flag --config_tls_endpoint set via config file will be ignored, please use a flagfile or pass it to the process at startup
W0804 09:25:28.146471 9466 options.cpp:106] The CLI only flag --enroll_secret_path set via config file will be ignored, please use a flagfile or pass it to the process at startup
W0804 09:25:28.146488 9466 options.cpp:106] The CLI only flag --enroll_tls_endpoint set via config file will be ignored, please use a flagfile or pass it to the process at startup
W0804 09:25:28.146525 9466 options.cpp:106] The CLI only flag --logger_plugin set via config file will be ignored, please use a flagfile or pass it to the process at startup
W0804 09:25:28.146555 9466 options.cpp:106] The CLI only flag --tls_hostname set via config file will be ignored, please use a flagfile or pass it to the process at startup
W0804 09:25:28.146572 9466 options.cpp:106] The CLI only flag --tls_server_certs set via config file will be ignored, please usea flagfile or pass it to the process at startup
In addition when i try to configure the flag file i get the message below.
[user@server ~]$ osqueryd --verbose --flagfile /etc/osquery/osquery.flags
I0804 09:26:30.224347 9792 tls.cpp:255] TLS/HTTPS POST request to URI: https://*servername*/api/vi/osquery/enroll/
W0804 09:26:30.235630 9792 tls_enroll.cpp:101] Failed enrollment request to https://*servername*/api/vi/osquery/enroll/ (Cannot parse JSON: The document root must not be followed by other values. Offset: 4) retrying...
jlk
08/04/2022, 5:05 PM$ fleetctl package --type=msi --fleet-url=<https://my.net> --enroll-secret=asklfasdf
Generating your osquery installer...
Windows Installer XML Toolset Toolset Harvester version
Copyright (c) .NET Foundation and contributors. All rights reserved.
heat.exe : error HEAT5052 : The directory 'Z:\var\folders\zl\0hhbn0j13hn2znwtcjxd_h_h0000gn\T\orbit-package1632196701\root' could not be found.
Error: package root files: heat failed: exit status 188
peanut butter
08/04/2022, 5:24 PMArtem
08/04/2022, 9:07 PM/usr/local/bin/fleet prepare db --config /etc/fleetdm/fleetdm.yml
to use this command in non-interactive mode?
I would like to update Fleet using ansible-playbook, but often get a freeze during this stage, because this command waits for the action from user.Kathy Satterlee
08/04/2022, 9:35 PMjlk
08/04/2022, 9:42 PMArtem
08/04/2022, 10:01 PM{"component":"http","err":"select host software: Error 1267: Illegal mix of collations (utf8mb4_general_ci,IMPLICIT) and (utf8mb4_0900_ai_ci,IMPLICIT) for operation '='","level":"error","method":"GET","took":"935.677µs","ts":"2022-08-04T21:52:52.216165861Z","uri":"/api/latest/fleet/software?page=0\u0026per_page=20\u0026order_key=hosts_count\u0026order_direction=desc","user":"artem"}
{"component":"http","err":"count host software: Error 1267: Illegal mix of collations (utf8mb4_general_ci,IMPLICIT) and (utf8mb4_0900_ai_ci,IMPLICIT) for operation '='","level":"error","method":"GET","took":"814.587µs","ts":"2022-08-04T21:52:52.216283256Z","uri":"/api/latest/fleet/software/count?scope=softwareCount","user":"artem}
Could you please help me to find the way to solve it?
It’s possible to recreate a several tables, but I’m not sure about the results.Artem
08/05/2022, 7:53 AMGuillaume
08/05/2022, 3:51 PMJason
08/05/2022, 4:28 PMArtemis Tosini
08/05/2022, 4:55 PM