https://github.com/osquery/osquery logo
Join Slack
Powered by
Is anyone else seeing ```ts=2024-03-26T10:56:19.74...
# fleet
e
Is anyone else seeing
Copy code
ts=2024-03-26T10:56:19.744066203Z cron=vulnerabilities msg="NVD request returned error" err="unexpected status 503 with body <html><body><h1>503 Service Unavailable</h1>\nNo server is available to handle this request.\n</body></html>\n" retry-in=30s
and having issues populating vulnerability data? Could this be related to the NVD service "issues" that has been mentioned?
o
yes
k
I think the NVD issues are a delay in issuing/analyzing CVEs. There was also an update to V2 of the NIST API that requires Fleet v4.41.0 https://fleetdm.com/announcements/nvd-api-2.0
e
Okay, thanks. I'm running Fleet v4.47.1 at the moment - so hoping it was just a one off issue
o
i too am on 4.44 but still i see this in my logs. And as mentioned above my automations for vulnerabilities is not working
Just upgraded to latest and still see this err {“cron”“vulnerabilities”,“err”“unexpected status 503 with body <html><body><h1>503 Service Unavailable</h1>\nNo server is available to handle this request.\n</body></html>\n”,“msg”:“NVD request returned error”,“retry-in”“30s”,“ts”“2024-03-26T150150.949733168Z”}
Getting more and more of it 😕
e
I'm running this as AWS ECS Fargate, I just killed the task and started a new one. No issues seen since
k
@Ojas in that case I would troubleshoot it like a normal issue, I was able to pull from NIST API V2 manually, and my Fleet instance is still pulling in data
o
@Keith Swagler can you shed more light on trouble shoot. Manual one works but how do i trouble shoot the automation side of fleet. Do i need to make any config changes or anything ? i dont see any options for NIST API to be manually filled and tested in UI
Still waiting for some support on this issue^^ && Fleet managed automation not working since upgraded to latest. Not sending new CVE’s to webhook. Anyone in community got idea about it ?
2 Views
Open in Slack
PreviousNext
Powered by