Martin Langhoff
02/08/2021, 8:00 PM
defensivedepth
02/12/2021, 7:21 PM
caller=log.go:124 ts=2021-02-12T18:36:25.1750169Z caller=level.go:63 level=error caller=updater.go:83 msg="Error running updater. Will retry" err="launching osqueryd.exe updater service: pinging notary server failed: ping: Get \"https://notary.kolide.co/_notary_server/health\": unexpected EOF"
Bacarus
02/17/2021, 10:55 AM
George
02/18/2021, 8:58 AM
caller=level.go:63 level=info caller=log.go:69 component=osquery level=stderr msg="...
messages, has anyone else seen this issue?
seph
Bacarus
02/19/2021, 4:07 PM
RUN GO111MODULE=on go run cmd/make/make.go -targets=launcher,extension -linkstamp $FAKE
RUN GO111MODULE=on go run cmd/make/make.go -targets=launcher,osquery-extension.exe -linkstamp $FAKE
and
RUN cp build/linux/* /usr/local/kolide/bin/
RUN cp build/linux.amd64/* /usr/local/kolide/bin/
I’ve taken a look at kolide/fpm but I don’t understand very well how it works.
What should I do if I want a simple rpm to deploy to hosts, and how can I configure the launcher? (I’d like to build an rpm package that will be launched at startup, like the msi for Windows.)
cwhits
02/23/2021, 4:12 PM
cwhits
02/23/2021, 4:13 PM
launcher \
--hostname=fleet.example.net:443 \
--root_directory=/var/kolide-fleet \
--enroll_secret=32IeN3QLgckHUmMD3iW40kyLdNJcGzP5
manoj434
03/08/2021, 4:29 AM
allister
03/08/2021, 5:00 AM
Seán O'Halloran
03/09/2021, 5:53 PM
platforms: darwin
and this works, like so:
overrides:
  platforms:
    darwin:
      exclude_paths:
        downloads:
          - /Users/%/Downloads/ignore/%%
      file_paths:
        downloads:
          - /Users/%/Downloads/%%
However I want to have another set of paths targeting CentOS.
The centos platform definition doesn’t seem to work for whatever reason. Can you scope FIM any other way, such as by label?
fritz
03/30/2021, 5:03 PM
hilt
04/01/2021, 12:47 AM
maxwhite
04/15/2021, 2:29 PM
K2 and installed and removed a couple of times) for which the Slack installer does not seem to work anymore (all other "fresh" installs do work). I did try to clean up everything related in ``/Library/LaunchDaemons/``, ``/usr/local/kolide[-k2]`` and ``/etc/kolide[-k2]`` and ``/var/kolide[-k2]``, rebooted and reinstalled, but I am still not detected by the server/Slackbot;
I know it is running though:
ps -e | grep -i kolide
1854 ?? 0:01.64 /usr/local/kolide-k2/bin/launcher -config /etc/kolide-k2/launcher.flags
1862 ?? 0:00.53 /usr/local/kolide-k2/bin/osqueryd-updates/1616771621/osqueryd --logger_plugin=kolide_grpc --distributed_plugin=kolide_grpc --disable_distributed=false --distributed_interval=5 --pack_delimiter=: --host_identifier=uuid --force=true --disable_watchdog --utc --config_refresh=300 --config_accelerated_refresh=30 --augeas_lenses=/var/kolide-k2/k2device.kolide.com/augeas-lenses --pidfile=/var/kolide-k2/k2device.kolide.com/osquery.pid --database_path=/var/kolide-k2/k2device.kolide.com/osquery.db --extensions_socket=/var/kolide-k2/k2device.kolide.com/osquery.sock --extensions_autoload=/var/kolide-k2/k2device.kolide.com/osquery.autoload --extensions_timeout=10 --config_plugin=kolide_grpc
1863 ?? 0:00.02 /usr/local/kolide-k2/bin/osquery-extension.ext --socket /var/kolide-k2/k2device.kolide.com/osquery.sock --timeout 10 --interval 3
2375 ttys000 0:00.00 grep --color=auto --exclude-dir=.bzr --exclude-dir=CVS --exclude-dir=.git --exclude-dir=.hg --exclude-dir=.svn --exclude-dir=.idea --exclude-dir=.tox -i kolide
Any idea? Thank you!
MarkMurdock
04/29/2021, 8:38 PM
MarkMurdock
05/16/2021, 4:35 PM
MarkMurdock
05/20/2021, 9:45 PM
MarkMurdock
05/27/2021, 8:05 PM
hilt
06/17/2021, 1:59 AM
hilt
06/17/2021, 5:46 AM
abraham linkolan
07/13/2021, 1:39 PM
"osquery api api/v1/kolide/queries/run_by_names
We are putting the parameters as we are supposed to (including the target) but we get an error -
run query : no hosts targeted
It happens once in a while - not every time, although we put the same parameters each time.
We don't know why it happens. If someone has had this problem before or knows something about it, I will be more than happy to know.
Travis
07/27/2021, 11:14 PM
hilt
08/05/2021, 6:58 AM
hilt
08/05/2021, 7:01 AM
function Get-Networks {
    # Decode a raw SSID byte array as ASCII text
    function Convert-ByteArrayToString {
        [CmdletBinding()] Param (
            [Parameter(Mandatory = $True, ValueFromPipeline = $True)] [System.Byte[]] $ByteArray
        )
        $Encoding = New-Object System.Text.ASCIIEncoding
        $Encoding.GetString($ByteArray)
    }
    # Load the NativeWifi wrapper source from the current directory
    Add-Type -Path ".\nativewificode.cs"
    $WlanClient = New-Object NativeWifi.WlanClient
    # Start a scan on every wireless interface
    $WlanClient.Interfaces | ForEach-Object { $_.Scan() }
    # check scan progress for each interface
    $scanInProgress = "false"
    do {
        $scanInProgress = "false"
        $WlanClient.Interfaces | ForEach-Object {
            $ip = $_.scanInProgress
            if ($ip -eq "True") {
                $scanInProgress = "true"
            }
        };
        Start-Sleep -Milliseconds 250
    } while ($scanInProgress -eq "true")
    # Emit every visible BSS entry as JSON, with readable SSID and BSSID columns added
    $WlanClient.Interfaces |
        ForEach-Object { $_.GetNetworkBssList() } |
        Select-Object *,@{Name="SSID";Expression={(Convert-ByteArrayToString -ByteArray $_.dot11ssid.SSID).substring(0,$_.dot11ssid.SSIDlength)}},
            @{Name="BSSID";Expression={[string]::join(":",($_.dot11Bssid | ForEach-Object {"{0:X2}" -f $_}))}} |
        ConvertTo-Json
}
Get-Networks
hilt
08/11/2021, 8:27 PM
fritz
09/14/2021, 12:12 PM
Travis
09/15/2021, 11:26 PM
fritz
09/17/2021, 3:52 PM
terracatta
MarkMurdock
10/19/2021, 9:54 PM
C:\Go\src\github.com\kolide\launcher\build>..\build\package-builder make --hostname=uscolo1fleet01.corp.dir.spartech.com:8080 --enroll_secret=RYQ2Q8knFcFzH1J/LHyEnqZkRbb+x3Ah
could not generate packages: making package: packaging, target windows-service-msi: getting asset kolide.ico: open kolide.ico: file does not exist