seph
-debug
option to get more verbose logs (also to the event logs). You can also run launcher in the foregroundsteve
06/14/2019, 4:06 AMPaulD
06/18/2019, 8:21 AMbenbass
06/19/2019, 3:48 PMbenbass
06/19/2019, 5:40 PMgroob
mbuono
06/20/2019, 4:50 PMJames Carr
06/21/2019, 1:57 PMgrant seltzer
06/21/2019, 5:53 PMNaomi Cuno
06/23/2019, 7:23 AMandybot
06/23/2019, 1:18 PMreadiness_probe
that requests the /healthz
endpoint via HTTPS, but my Ingress health check does not seem to inherit this behavior per GCP documentation.Paul Benoit
06/24/2019, 7:19 PMSelect Targets
field does not show me hostnames or labels that either: 1) have two or less characters 2) have two or less characters separated by hyphens in the name. Any help would be appreciated.YehonatanShami
06/25/2019, 8:28 AMbenbass
06/25/2019, 3:49 PMEd
06/26/2019, 12:57 PMFlngen Flugen
06/26/2019, 1:28 PMgrant seltzer
06/26/2019, 8:49 PMclong
06/26/2019, 9:34 PMGavin Chen
06/27/2019, 3:51 AMRobb Breck
06/27/2019, 3:17 PMJames Tam
06/28/2019, 1:47 AMkeko
06/28/2019, 5:00 PMYehonatanShami
07/01/2019, 12:17 PMycpr
07/01/2019, 1:27 PMosqueryd
with launcher
and fleet
? I'm trying to set up the simplest one-file configuration for filesystem
logger plugin, but no logs are created. This is it:PaulD
07/01/2019, 1:38 PMGavin Chen
07/01/2019, 7:27 PMBDavis15
07/01/2019, 8:43 PMBDavis15
07/03/2019, 4:31 PMbenbass
07/03/2019, 8:15 PMNico
07/03/2019, 8:35 PMselect * from time
running every 30s but I don't see any results from that. I can run manual queries and see the result in the UI fine, but nothing in firehose. When I do that I see Executing distributed query: kolide_distributed_query_45: SELECT * FROM time
sent to firehose but no actual result.
Here are the fleet env vars I'm using (excluding mysql and redis). I did a manual write to the stream with the same creds with awscli successfully (The role has permission to describe and put record batch).
export KOLIDE_LOGGING_DEBUG=true
export KOLIDE_FIREHOSE_REGION=${KOLIDE_CONFIG_FIREHOSE_REGION}
export KOLIDE_FIREHOSE_RESULT_STREAM=${KOLIDE_CONFIG_FIREHOSE_RESULT_STREAM}
export KOLIDE_FIREHOSE_STATUS_STREAM=${KOLIDE_CONFIG_FIREHOSE_STATUS_STREAM}
export KOLIDE_OSQUERY_RESULT_LOG_PLUGIN=firehose
export KOLIDE_OSQUERY_STATUS_LOG_PLUGIN=firehose
I'm using firehose with elasticsearch and s3 backup, and there is no failed delivery files in s3.
What is the best way to debug this issue? I don't see any errors in the fleet output itself.
Thanks!