Hi, fleet community.
I'm new working with fleet, ...
# fleetd
Dayvidson Bezerra
03/22/2023, 12:54 PMHi, fleet community.
I'm new working with fleet, When I install the osquery in my Windows machines the vulnerabilities doesn't in the fleet frontend.
The software list is ok, But when exist the vulnerable software the cve doesn't show in the list and the KBs microsoft doesn't list too.
m
Marcos Oviedo
03/22/2023, 2:04 PMHi Dayvidson, can you mention which version of Fleet + Orbit are you using? Thanks!
d
Dayvidson Bezerra
03/22/2023, 5:45 PM@Marcos Oviedo
My fleet version is fleet-v4.28.1 and I am using direct osquery and not orbit.
Dayvidson Bezerra
03/22/2023, 5:55 PMI`m starting the osquery:
osqueryd --flagfile=flagfile.txt --verbose
k
Kathy Satterlee
03/22/2023, 6:59 PMAre you seeing any errors in the Fleet server logs?
d
Dayvidson Bezerra
03/22/2023, 7:18 PM@Kathy Satterlee
I don't receive error in my fleet server.
Dayvidson Bezerra
03/22/2023, 7:19 PMI started my fleet server with de code below:
fleet serve --mysql_address=127.0.0.1:3306 --mysql_database=fleet --mysql_username=root --mysql_password=xxxxx --redis_address=127.0.0.1:6379 --server_cert=/root/cert/fleet.crt --server_key=/root/cert/fleetdm.key --logging_json
k
Kathy Satterlee
03/22/2023, 8:37 PMDo you see any logging for the vulnerabilities cron?
d
Dayvidson Bezerra
03/23/2023, 1:52 AMHow can I see?
Dayvidson Bezerra
03/23/2023, 1:54 AM@Kathy Satterlee
"cron":"integrations","level":"info","schedule":"integrations","status":"pending","ts":"2023-03-22T192001.120461911Z"}
{"cron":"integrations","level":"info","schedule":"integrations","status":"completed","ts":"2023-03-22T192001.132937009Z"}
{"cron":"integrations","level":"info","schedule":"integrations","status":"pending","ts":"2023-03-22T193001.133331835Z"}
{"cron":"integrations","level":"info","schedule":"integrations","status":"completed","ts":"2023-03-22T193001.139184242Z"}
{"level":"warn","op":"directIngestWindowsUpdateHistory","skipped":"KB id not found in VMware, Inc. - Display - 8.17.2.14","ts":"2023-03-22T193627.973314812Z"}
{"level":"warn","op":"directIngestWindowsUpdateHistory","skipped":"KB id not found in VMware, Inc. - System - 9.8.16.0","ts":"2023-03-22T193627.982176598Z"}
{"cron":"integrations","level":"info","schedule":"integrations","status":"pending","ts":"2023-03-22T194001.15125487Z"}
{"cron":"integrations","level":"info","schedule":"integrations","status":"completed","ts":"2023-03-22T194001.156754915Z"}
{"cron":"integrations","level":"info","schedule":"integrations","status":"pending","ts":"2023-03-22T195001.154214169Z"}
{"cron":"integrations","level":"info","schedule":"integrations","status":"completed","ts":"2023-03-22T195001.160045812Z"}
{"cron":"usage_statistics","level":"info","schedule":"usage_statistics","status":"pending","ts":"2023-03-22T200000.119581574Z"}
{"cron":"vulnerabilities","level":"info","schedule":"vulnerabilities","status":"pending","ts":"2023-03-22T200000.123562544Z"}
{"cron":"vulnerabilities","level":"info","periodicity":"1h0m0s","ts":"2023-03-22T200000.123614043Z"}
{"cron":"vulnerabilities","level":"info","msg":"scanning vulnerabilities","ts":"2023-03-22T200000.123638822Z"}
{"cron":"cleanups_then_aggregation","level":"info","schedule":"cleanups_then_aggregation","status":"pending","ts":"2023-03-22T200000.12652871Z"}
{"cron":"usage_statistics","level":"info","schedule":"usage_statistics","status":"completed","ts":"2023-03-22T200000.129209978Z"}
{"inf":"skipping verification of encryption keys as MDM is not fully configured","ts":"2023-03-22T200000.835483778Z"}
{"cron":"cleanups_then_aggregation","level":"info","schedule":"cleanups_then_aggregation","status":"completed","ts":"2023-03-22T200000.841888503Z"}
{"cron":"integrations","level":"info","schedule":"integrations","status":"pending","ts":"2023-03-22T200001.161294244Z"}
{"cron":"integrations","level":"info","schedule":"integrations","status":"completed","ts":"2023-03-22T200001.165771901Z"}
{"cron":"vulnerabilities","level":"info","msg":"skipping cve_meta parsing due to license check","ts":"2023-03-22T200014.157928414Z"}
{"cron":"vulnerabilities","level":"info","schedule":"vulnerabilities","status":"completed","ts":"2023-03-22T200040.877345283Z"}
{"cron":"integrations","level":"info","schedule":"integrations","status":"pending","ts":"2023-03-22T201001.17078952Z"}
{"cron":"integrations","level":"info","schedule":"integrations","status":"completed","ts":"2023-03-22T201001.175972666Z"}
{"level":"warn","op":"directIngestWindowsUpdateHistory","skipped":"KB id not found in VMware, Inc. - Display - 8.17.2.14","ts":"2023-03-23T015205.202972858Z"}
{"level":"warn","op":"directIngestWindowsUpdateHistory","skipped":"KB id not found in VMware, Inc. - System - 9.8.16.0","ts":"2023-03-23T015205.203064608Z"}
Dayvidson Bezerra
03/23/2023, 1:54 AMThis info about cron?