Dan Achin
02/18/2021, 6:27 PMDan Achin
02/18/2021, 10:32 PMMacear
02/19/2021, 7:24 AMArtem
02/20/2021, 6:17 AMManuel
02/20/2021, 9:17 AMdemonbhao
02/22/2021, 8:49 AMjby
02/22/2021, 3:50 PMosquery-in-a-box
as a test on a remote server
My computer restarted
My browser apparently cleared cookies
I don’t remember my admin-password
I don’t have email configuredIan Muscat
02/23/2021, 9:58 AM3.7.1
) and it seems that when envvars are specified using the FLEET_
prefix (as opposed to KOLIDE_
) nothing works and default values are used. Modifying the chart to use KOLIDE_
fixes the issue, but I’d rather not deploy something new with deprecated configuration 😉 https://github.com/fleetdm/fleet/pull/301 seems to be the PR that made this change, so I’m wondering if perhaps the change to use FLEET_
prefix is still forthcoming (and the chart was updated ahead of time)? Thanks!SK
02/24/2021, 10:56 AMenroll failed: no matching secret found
this means that the enroll_secret in the osquery agent is for some reason not correct right?andrei
02/24/2021, 1:18 PMmysql | 2021-02-24T12:15:39.082521Z 0 [Warning] [MY-011810] [Server] Insecure configuration for --pid-file: Location '/var/run/mysqld' in the path is accessible to all OS users. Consider choosing a different directory.
mysql | 2021-02-24T12:15:39.124073Z 0 [System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '8.0.23' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server - GPL.
mysql | mbind: Operation not permitted
fleet_1 | Migrations completed.
fleet_1 | {"component":"service","err":null,"level":"info","method":"ListUsers","took":"1.5976ms","ts":"2021-02-24T12:15:56.4871854Z","user":"none"}
fleet_1 | {"address":"0.0.0.0:8080","msg":"listening","transport":"https","ts":"2021-02-24T12:15:56.4884663Z"}
fleet_1 | {"terminated":"open /tmp/server.cert: no such file or directory","ts":"2021-02-24T12:15:56.4908412Z"}
fleet3_fleet_1 exited with code 0
When I run "netstat -an" I can see active connections on the ports 3600(MySQL) and 6379(Redis), but none on port 8412. However I tried to do the same with MySQL 5.7.32 instead of MySQL 8.0, but I can't see any big difference: mysql | 2021-02-24T12:31:48.479241Z 0 [Note] mysqld: ready for connections.
mysql | Version: '5.7.32-log' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server (GPL)
fleet_1 | Migrations completed.
mysql | 2021-02-24T12:31:57.688914Z 3 [Note] Aborted connection 3 to db: 'kolide' user: 'root' host: '172.25.0.2' (Got an error reading communication packets)
fleet_1 | {"component":"service","err":null,"level":"info","method":"ListUsers","took":"883µs","ts":"2021-02-24T12:31:57.7522451Z","user":"none"}
fleet_1 | {"address":"0.0.0.0:8080","msg":"listening","transport":"https","ts":"2021-02-24T12:31:57.7531963Z"}
fleet_1 | {"terminated":"open /tmp/server.cert: no such file or directory","ts":"2021-02-24T12:31:57.7539713Z"}
mysql | 2021-02-24T12:31:57.755718Z 4 [Note] Aborted connection 4 to db: 'kolide' user: 'root' host: '172.25.0.2' (Got an error reading communication packets)
fleet3_fleet_1 exited with code 0
. By the way, I also tried to run the fleet image I pulled from docker concurrently with MySQL and Redis, but once again there's some issues with the database: ts=2021-02-24T12:59:17.5333641Z mysql="could not connect to db: dial tcp 127.0.0.1:3306: connect: connection refused, sleeping 14s"
Error initializing datastore: dial tcp 127.0.0.1:3306: connect: connection refused.
Does anyone have an advice on how to correctly set up fleet and all its dependencies? I uploaded the docker-compose.yml in the attachments.defensivedepth
02/24/2021, 3:53 PMresults_*
) once it gets them?
Based on what I am seeing in the code, it looks like it is just a normal pub/sub setup, but just wanted to check.defensivedepth
02/25/2021, 4:28 PMzwass
spookerlabs
02/25/2021, 7:08 PMconfig_refresh:10
to 60 as other fields I changed but looking into new drilldown it seems like nothing changed. Is it possible to change config_refresh using fleetctl ?Dan Achin
02/25/2021, 10:04 PMMike Hill
02/26/2021, 7:21 PMnyanshak
02/26/2021, 9:00 PMIan Muscat
03/01/2021, 11:43 AMfleetctl
available via package managers (e.g. Brew)? Currently, I download the release from GitHub manually, but it would be nice to be able to do this via package managers too :)defensivedepth
03/01/2021, 5:01 PMdemonbhao
03/03/2021, 8:38 AMarod
03/03/2021, 1:08 PMSELECT * FROM users;
-> Receiving a response with JSON?
https://github.com/fleetdm/fleet/blob/master/docs/1-Using-Fleet/3-REST-API.md#run-live-query
This only returns a "query campaign". Or I'm I missing something. I'd like the results over the API.nyanshak
03/03/2021, 4:11 PMzwass
sanjaykcse
03/04/2021, 6:13 AMSK
03/04/2021, 9:43 AMdemonbhao
03/04/2021, 9:58 AMJoshua Schmitt
03/04/2021, 10:49 PMnyanshak
03/05/2021, 12:26 AMMike Myers
03/05/2021, 1:51 AMFrancisco Huerta
03/05/2021, 9:17 AM