https://github.com/osquery/osquery logo
#fleet
Title
# fleet
k

Kathy Satterlee

09/07/2022, 3:54 PM
How long ago was the issue with the database path resolved?
j

Jincheng Yin

09/07/2022, 3:55 PM
About 5 hours
k

Kathy Satterlee

09/07/2022, 3:56 PM
Definitely more than an hour then :) What version of Fleet are you running?
j

Jincheng Yin

09/07/2022, 3:57 PM
4.18 and this is the log
Copy code
level=info ts=2022-09-07T10:47:48.237551302Z component=crons cron=vulnerabilities cron=vulnerabilities databases-
path=/tmp/vulndbs                                                                                                
level=info ts=2022-09-07T10:47:48.237796888Z component=crons cron=vulnerabilities cron=vulnerabilities periodicit
y=1h0m0s                                                                                                         
level=info ts=2022-09-07T10:47:48.528169531Z msg="metrics endpoint disabled (http basic auth credentials not set)
"
k

Kathy Satterlee

09/07/2022, 4:11 PM
Just to be 100% sure the setup is all there, can you pull the Fleet config with ‘fleetctl get config —include-server-config’ and check the value for
vulnerabilities.databases_path
?
I know it's there in the logs and everything, but… weird things happen occasionally and I don't want to skip checking.
That's the culprit! That value is used when aggregating software inventory.
j

Jincheng Yin

09/07/2022, 4:15 PM
So I only need to apply a new configuration file and set it as
/tmp/vulndbs
?
k

Kathy Satterlee

09/07/2022, 4:16 PM
That'll do it.
j

Jincheng Yin

09/07/2022, 4:16 PM
Thanks.
k

Kathy Satterlee

09/07/2022, 4:18 PM
Glad I double checked. I need to dig in a little more on how it gets/sets that path for the host level checks without that setting just so I know, but setting that should get you up and running.
j

Jincheng Yin

09/09/2022, 8:46 AM
It's working after a day. (may be the pods restart)
2 Views