Benjamin Edwards

Benjamin Edwards

08/26/2022, 3:02 PM
I think there was a bug when vuln processing isn't configured. Try setting https://fleetdm.com/docs/deploying/configuration#databases-path


08/26/2022, 3:05 PM
@Benjamin Edwards thank you! i will give that a try and let you know if that worked
8:39 PM
@Benjamin Edwards I think you are right about the bug. i used fleetctl to pull the config and the vuln DB path is an empty string. in the terraform script (we borrowed the dogfood terraform from github to test fleet) the path is set
5:42 PM
@Benjamin Edwards so we upgraded and still had the path set and nothing showed up for software. for the databases_path like you mentioned above, is that a path to just any directory in the filesystem? or is that a path to the actual DB? we are using AWS RDS for our DB and fleet is containerized in fargate
Benjamin Edwards

Benjamin Edwards

10/24/2022, 8:39 PM
If you set
that is the path in which fleet will use to download the CVE database we end up using for vuln processsing. I would make sure you are seeing in the logs "vuln processing" which confirms that things are configured correctly, and that the background CRON job is actually running on the server. The only other time I have seen vuln data not show up when everything was configured properly is when the fleet backend was running out of resources during the processing window. We recommend dedicating 2GB to the fleet backend responsible for cron processing (which by default is random, i.e fleet elects an instance at random).