I have an older fleet install and am looking to en...
# fleetb
benbass
02/08/2022, 7:54 PMI have an older fleet install and am looking to enable software, yet not the vulnerability scans. What flags do I need to add to my config file?
t
Tomas Touceda
02/08/2022, 7:58 PMhi, what version are you running?
b
benbass
02/08/2022, 7:58 PMI just updated to 4.9.1. I could also be jumping the gun as I just finished the upgrade about 30 minutes ago.
t
Tomas Touceda
02/08/2022, 8:26 PMto enable software inventory in 4.9.1 you simply apply the following config via fleetctl:
Copy code
---
apiVersion: v1
kind: config
spec:
host_settings:
enable_software_inventory: trueb
benbass
02/08/2022, 8:30 PMCool. Can I do that as an environmental variable as well? ENABLE_SOFTWAER_INVENTORY=1 or yes?
benbass
02/08/2022, 8:31 PMI know earlier versions
Copy code
FLEET_BETA_SOFTWARE_INVENTORY=1t
Tomas Touceda
02/08/2022, 8:33 PMno, this is something that can only be applied through fleetctl, sadly
ty 1
b
benbass
02/08/2022, 8:33 PMOh well. Good to know then.
benbass
02/08/2022, 8:36 PMWhat would be the best way to apply that with fleetctl? build that as a yaml file and then do
Copy code
fleetctl apply -f <configuration-file-name-here>.ymlt
Tomas Touceda
02/08/2022, 8:36 PMexactly
👍 1
👍🏽 1
b
benbass
02/08/2022, 8:37 PMThat works - I can then drop that yaml file into my git repo to track things that way.
❤️ 1
r
Rachel Perkins
02/09/2022, 3:07 PMThanks Tomas! Also, if you do need to enable/disable vulnerabilities, you'll just need to add/remove the databases path. https://fleetdm.com/docs/using-fleet/vulnerability-processing#configuration
b
benbass
02/09/2022, 3:15 PMGood to know Rachel. What I did to handle that was to set the variable scanning instance check to no on all nodes.
Copy code
FLEET_VULNERABILITIES_CURRENT_INSTANCE_CHECKS=no👍🏽 1
👍 1
11 Views