Marc Roelofs03/30/2022, 12:04 PM
I got the following result :
/fleet-cve $ fleetctl vulnerability-data-stream --dir /fleet-cve/
when choosing a different path like /tmp it seems to work fine
[-] Downloading CPE database...Error: rename /tmp/cpe.sqlite2494941906 /fleet-cve/cpe.sqlite: invalid cross-device link
/fleet-cve $ fleetctl vulnerability-data-stream --dir /tmp
[-] Downloading CPE database... Done
[-] Downloading CVE data streams... Done
After that it was a simple mv from /tmp/<cvefiles> to /fleet-cve/ as the fleet user Trying to figure out if the invalid cross-device link is a Fleetdm issue or elsewhere. The /fleet-cve directory is mounted based on a kubernetes volumemount to a GCE persistent disk, and awful as it is , the dirs permissions are 777 Version 4.11.0 Any idea anyone ? Meanwhile waiting if the Home page results in a succesfull software capturing with the vulnerabilities ,( it says to wait an hour now 😉 )
[+] Data streams successfully downloaded!
Benjamin Edwards03/30/2022, 1:21 PM
Marc Roelofs03/30/2022, 1:53 PM
Noah Talerman03/30/2022, 2:49 PM
Home page will not show software and vulnerabilities anymore after updating from 4.7 to 4.10 and 4.11 .. Its bugging me and for the life of me I don’t see why ...Hey Marc, sorry that you’re experiencing this issue. As of 4.10, Fleet includes a “Hosts” count for each software item (see image below). Because calculating these counts on each request introduces significant load time, Fleet updates these counts at a configurable interval. Fleet also updates the list of software and “Vulnerabilities” at the same interval. This is why, when upgrading, it may take time for software to show at all. Thank you for your feedback. Hearing that the current “wait an hour” experience is frustrating is very helpful. This is something we’ll likely to improve in later Fleet versions. Please follow up in this thread if the software still does not show up. If so, there may be a different, unexpected issue going on.
Marc Roelofs03/30/2022, 3:06 PM
The output is exactly the same (aside from user and url of course) and a few newer parameters in 4.11.0 . Prod runs 590 clients , and test only 4 . I restarted ( scaled to 0 and 1 in K8s) after applying some "patches" to the vulnerabilities path, making both envs exactly the same. At this moment only 20 minutes to hit the 1 hour mark , but still no show on the home page yet ...
fleetctl get config --include-server-config
Kathy Satterlee03/30/2022, 5:14 PM
Marc Roelofs03/30/2022, 6:13 PM
Kathy Satterlee03/30/2022, 11:25 PM
Marc Roelofs03/31/2022, 6:03 AM