Ayan
01/07/2022, 3:39 PMauthentication error: find host
errors and all of the osquery agents are having connection timed out. I looked into the previous conversations related with this error in this Slack but could not really find anything relative. The fleet server is on 4.4.3
. Any guidance possible?level=debug ts=2022-01-07T16:08:23.36255733Z component=http method=POST uri=/api/v1/osquery/distributed/read took=15.943184963s ip_addr=<IP ADDR>:37838 x_for_ip_addr= err="retrieving policy queries: selecting policies for host: context canceled"
zwass
01/07/2022, 4:10 PMAyan
01/07/2022, 4:14 PMslow_query
logs and theres nothing there. General logs show a lot of queries from all fleet servers including the one in discussion. Basically we have about 6K hosts enrolled with 12 fleet servers that all share 1 redis and 1 mariadb. The db server is a 16 core 64 gig virtualized server.zwass
01/07/2022, 4:16 PMAyan
01/07/2022, 4:18 PMzwass
01/07/2022, 4:18 PMAyan
01/07/2022, 4:19 PMzwass
01/07/2022, 4:26 PMAyan
01/07/2022, 4:27 PMzwass
01/07/2022, 4:30 PMAyan
01/07/2022, 4:56 PMhosts
table. For anyone who's facing similar issues, an upgrade from Fleet 4.8 to Fleet 4.9.1 fixed the locks and the related errors by itself automatically for us. Thanks @zwasszwass
02/11/2022, 7:57 PM