https://github.com/osquery/osquery logo
Powered by
Title
j

JojoD

04/04/2022, 4:05 PM
Hi there! hope u are doing great! I was trying to enable the software inventory option using the env variables below: 
ENABLE_SOFTWARE_INVENTORY: true
FLEET_VULNERABILITIES_DATABASES_PATH: /home
however after a couple of deployments, the feature is not appearing yet... I've tested it in a local environment and is working fine, but the same setup will not work for a preprod environment... any suggestions on this is greatly appreciated!
t

Tomas Touceda

04/04/2022, 5:06 PM
ENABLE_SOFTWARE_INVENTORY: true
hi! software inventory is something you enable through fleetctl apply with a file like this: 
---
apiVersion: v1
kind: config
spec:
  host_settings:
    enable_software_inventory: true
j

JojoD

04/04/2022, 6:08 PM
thank you, Tomas 👌 , I use a yml file with the env variables, the configuration we have will not allow us to use configuration like the one above, only the env variables... do you know if there is another way to enable this?
In this documentation it says to enable that feature with the suggestion you shared, but below it says through the env variable, do you know if by having only 
FLEET_VULNERABILITIES_DATABASES_PATH=/some/path
will do the trick? I've tested also unsuccessfully, wondering if I missed something there though
t

Tomas Touceda

04/04/2022, 9:09 PM
I use a yml file with the env variables
do you mind rephrasing this or showing me an example? I'm not sure I understand what you mean
do you know if there is another way to enable this?
we have two areas to configure. The fleet serve config can be done through env vars, CLI options, or yaml on the other hand, we have the application config that can only be applied through 
fleetctl apply -f
through a yaml (or through the UI, but not all options are available in the UI). in the case of software inventory, it's the latter. You would apply that config, then it would be stored in the database, and that'll be it
j

JojoD

04/04/2022, 10:25 PM
sorry I didn't explain mysel... I'm using a yaml file that has the following skeleton 
image:
  baseImage: fleetdm/fleet
  workDir: /home
  copy:
    /fleet: /home/fleet
  cmd: [ "/home/fleet", "serve" ]     

ports:
  - port: 8080
    desc: "port description"

config:
  default:
    FLEET_LOGGING_DEBUG: false
    FLEET_MYSQL_ADDRESS: "mysql:3306"
    FLEET_MYSQL_DATABASE: "fleet"
    FLEET_MYSQL_USERNAME: "fleet"
    FLEET_MYSQL_PASSWORD: "mypass"

    FLEET_REDIS_ADDRESS: "redis:6379"
    FLEET_REDIS_PASSWORD: ""

    FLEET_AUTH_JWT_KEY: my-secret
    FLEET_LOGGING_JSON: true
    FLEET_OSQUERY_STATUS_LOG_PLUGIN: stdout
    FLEET_OSQUERY_RESULT_LOG_PLUGIN: stdout
    FLEET_SERVER_TLS: false
    FLEET_SERVER_ADDRESS: "0.0.0.0:8080"
    FLEET_MYSQL_MAX_OPEN_CONNS: "500"
    FLEET_MYSQL_CONN_MAX_LIFETIME: "300"
    FLEET_VULNERABILITIES_DATABASES_PATH: /home # For Software vulnerabilities - THIS WORKS

  preprod:
    FLEET_LOGGING_DEBUG: false
    FLEET_MYSQL_ADDRESS: "DBADDRESS"
    LEET_MYSQL_DATABASE: "fleet"
    FLEET_MYSQL_USERNAME: "fleet"
    FLEET_MYSQL_PASSWORD: "mypass"
  
    FLEET_REDIS_ADDRESS: "REDISADDRESS"
    FLEET_REDIS_PASSWORD: ""

    FLEET_OSQUERY_STATUS_LOG_PLUGIN: "stdout"
    FLEET_OSQUERY_RESULT_LOG_PLUGIN: "stdout"

    FLEET_AUTH_JWT_KEY: my-secret
    FLEET_ENABLE_SOFTWARE_INVENTORY: true #enable_software_inventory: true - THIS DOESN'T WORK
    FLEET_VULNERABILITIES_DATABASES_PATH: /home

  prod:
    #PROD VARS

domains:
  default:
    #CONFIGS

  preprod:
    #CONFIGS

  prod:
    #CONFIGS
so I've tried adding the env vars in the preprod and it doesn't work, but running it locally and without 
FLEET_ENABLE_SOFTWARE_INVENTORY
it works
in preprod I've tried adding the variable above to enable this, unsuccessfully
t

Tomas Touceda

04/05/2022, 3:15 PM
ah, I see, thanks for clarifying
but running it locally and without 
FLEET_ENABLE_SOFTWARE_INVENTORY
it works
this is likely because you are running an older version of fleet locally, because we've removed this in later versions You can configure vulnerability processing through env vars, but for software inventory, you'll have to apply a yaml like the one I mentioned earlier with 
fleetctl apply -f
j

JojoD

04/05/2022, 5:36 PM
understood, thanks a lot for the follow up, Tomas 👌
👍 1
so as a quick update, I've added the new yaml file with the configuration suggested in this thread, the deployment was successful to the preprod env, but after connecting remotely using 
fleetctl get config --include-server-config
the inventory software feature was still set to false... I've ended up manually enabling it with the 
fleetctl apply -f
command remotely... a restart was not required in the instance either
still wondering why the deployment with the new .yml did not work, but since the feature it's supposed to be enabled by default since 
version 4.7.0
, I guess I won't need to manually enable it again... 🤔
t

Tomas Touceda

04/07/2022, 2:35 PM
I've ended up manually enabling it with the 
fleetctl apply -f
command remotely
this is the only way to apply this yaml
I've added the new yaml file with the configuration suggested
if by this you mean you used it when launching 
fleet serve
then that would not have an effect, that's why you had to 
fleetctl apply
it
the feature is enabled by default on new installs, in your case it was an upgrade
j

JojoD

04/07/2022, 8:12 PM
I see, I thought I could apply it right after using the 
fleet serve
command
11 Views
#fleetJoin Slack
Powered by