PJ Meyer07/09/2020, 1:31 PM
when trying to set my smtp settings, but when checking the cert manually with
sending mail: startTLS error: x509: certificate has expired or is not yet valid
i get valid dates (july 7th 2020 - july 7th 2022)? has anyone else seen this?
harveywells07/09/2020, 4:01 PM
PJ Meyer07/09/2020, 7:24 PM
? i'm using Okta for this, seemed to have worked just fine in a dev instance i had set up
validation failed: session missing for request
nyanshak07/09/2020, 8:44 PM
1. What is meant by "small" here? 2. How frequently do these queries get run by the hosts? Is there a way to specify intervals / reduce the intervals? <thread>
# "additional" information to collect from hosts along with the host # details. This information will be updated at the same time as other host # details and is returned by the API when host objects are returned. Users # must take care to keep the data returned by these queries small in # order to mitigate potential performance impacts on the Fleet server. additional_queries: time: select * from time macs: select mac from interface_details
wtheaker07/09/2020, 10:22 PM
Ryan07/14/2020, 3:48 PM
. I tried running the same query on-demand against some of the missing hosts and they worked fine, but if I run
they return successfully, but with no records. Does anyone have any suggestions? Thanks 🙂
SELECT * FROM osquery_schedule
George O07/15/2020, 1:46 PM
Christian07/15/2020, 4:06 PM
Jason W07/15/2020, 7:47 PM
harveywells07/16/2020, 4:06 PM
wtheaker07/16/2020, 8:20 PM
to the internet and keep
behind VPN. Our network team wants to make the routing easier for them by having two different subdomains: fleet.acme.com and fleet-admin.acme.com Will having fleet-admin as the
breaking querying or anything?
Macear07/18/2020, 4:58 PM
koba07/21/2020, 8:28 AM
. I'm following FAQs to make sure I don't miss anything. Here is what i get when I curl the enroll endpoint.
Failed enrollment request to <https://something.com/api/v1/osquery/enroll> (Request error: certificate verify failed) retrying
❯ curl -v -X POST <https://something.com:443/api/v1/osquery/enroll> * Trying 220.127.116.11... * TCP_NODELAY set * Connected to <http://osquery.lalaland.com|osquery.lalaland.com> (18.104.22.168) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/cert.pem CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (OUT), TLS alert, unknown CA (560): * SSL certificate problem: self signed certificate * Closing connection 0 curl: (60) SSL certificate problem: self signed certificate More details here: <https://curl.haxx.se/docs/sslcerts.html> curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above.
Macear07/21/2020, 3:15 PM
Alon Starikov07/22/2020, 6:07 AM
fleet prepare db
PJ Meyer07/23/2020, 1:25 PM
maxwhite07/23/2020, 3:27 PM
nyanshak07/24/2020, 12:24 AM
fritz07/24/2020, 2:03 PM
Zach Zeid07/24/2020, 3:35 PM
crimsonknave07/24/2020, 4:38 PM
(It's database 17 on that redis cluster.) But, when I put that in the
entry I see `Warning! Live query disabled due to error: reading from redis: dial tcp: address tcp/6379/17: unknown port`when I go to run a live query.
Norberto Garcia Marin07/27/2020, 10:12 AM
Alon Starikov07/27/2020, 1:49 PM
Any ideas on where that could be coming from?
could not list packs: GET /api/v1/kolide/spec/packs: GET https://<server>:443/api/v1/kolide/spec/packs: read tcp <host>:<port>-><server>:443: read: connection reset by peer
harveywells07/27/2020, 5:26 PM
might be used that I’m not thinking of before upgrading. I’ve seen it when a host first enrolls with Fleet but otherwise we’re not intentionally using that elsewhere. How were folks using that data prior to the new release?
Reece Rodriguez07/27/2020, 7:59 PM
Chris B07/27/2020, 9:24 PM
Zach Zeid07/29/2020, 2:20 AM
Zach Zeid07/29/2020, 5:09 PM