Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
w
wennan.he
09/30/2022, 5:48 PMHi fleet team, our fleet cannot show the host list from pack edit page. plz advice.
k
Kathy Satterlee
09/30/2022, 6:00 PMHi @wennan.he. What browser are you using (including version)? Does this occur for other users/in other browsers? Are you seeing any errors in the browser's javascript console or network traffic?
https://github.com/fleetdm/fleet/blob/main/CONTRIBUTING.md#6-is-this-an-issue-with-the-fleet-ui
w
wennan.he
09/30/2022, 6:29 PMwell, i see the same err in safari also.
And which API will be called when i load this list?
this one?
k
Kathy Satterlee
09/30/2022, 6:34 PMThat's the one.
Any errors in the console?
And I'm sure you've given us this information before, but can you tell me what version of Fleet you're running as well?
w
wennan.he
09/30/2022, 6:36 PMthat is weird, this issue doesn't exists for my another fleet instance, only this one.
k
Kathy Satterlee
09/30/2022, 6:36 PMI'll dig into that one a little, but I'm seeing that as well.
If you look at the response for that request, are your hosts listed there?
Agreed on that error. I think that's expected behavior, but I've got a note to look into it later as well.
w
wennan.he
09/30/2022, 11:10 PMany update?
@Kathy Satterlee any update?
k
Kathy Satterlee
10/01/2022, 12:20 AMHey @wennan.he. I was waiting for your responses about the Fleet version as well as the response coming back from the API. Just as a heads up, we may not be able to respond until Monday but that information will be helpful.
w
wennan.he
10/01/2022, 12:26 AMfleet version 4.20
k
Kathy Satterlee
10/01/2022, 12:30 AMIt looks like that response timed out. Please check the logs in the Load balancer as well as the Fleet server for anything that might correspond with that request. This may be related to the other issues you're seeing with the Load balancer.
w
wennan.he
10/01/2022, 12:30 AManother response i c from network
{
"targets": {
"hosts": [
// hide the detail of hosts, but it only shows the hosts info of scheduled packs hosts
],
"labels": [
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 6,
"name": "All Hosts",
"description": "All hosts which have enrolled in Fleet",
"query": "select 1;",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"host_count": 21100,
"display_text": "All Hosts",
"count": 21100
},
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 7,
"name": "macOS",
"description": "All macOS hosts",
"query": "select 1 from os_version where platform = 'darwin';",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"display_text": "macOS",
"count": 0
},
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 8,
"name": "Ubuntu Linux",
"description": "All Ubuntu hosts",
"query": "select 1 from os_version where platform = 'ubuntu';",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"display_text": "Ubuntu Linux",
"count": 0
},
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 9,
"name": "CentOS Linux",
"description": "All CentOS hosts",
"query": "select 1 from os_version where platform = 'centos' or name like '%centos%'",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"display_text": "CentOS Linux",
"count": 0
},
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 10,
"name": "MS Windows",
"description": "All Windows hosts",
"query": "select 1 from os_version where platform = 'windows';",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"display_text": "MS Windows",
"count": 0
},
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 11,
"name": "Red Hat Linux",
"description": "All Red Hat Enterprise Linux hosts",
"query": "SELECT 1 FROM os_version WHERE name LIKE '%red hat%'",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"display_text": "Red Hat Linux",
"count": 0
},
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 12,
"name": "All Linux",
"description": "All Linux distributions",
"query": "SELECT 1 FROM osquery_info WHERE build_platform LIKE '%ubuntu%' OR build_distro LIKE '%centos%';",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"host_count": 21091,
"display_text": "All Linux",
"count": 21091
}
],
"teams": []
},
"targets_count": 5,
"targets_online": 4,
"targets_offline": 1,
"targets_missing_in_action": 0
}
when i refreshed the page again, the err gone, but the targets api only return the hosts with scheduled queries.
so the targets api didn't return all the hosts in scope. but only ones with packs running. why?
@Kathy Satterlee
s
Sarah Gillespie
10/03/2022, 2:36 PMHi @wennan.he, Kathy is out of the office this week so I’ll try to help here as best as I can while she’s away.
For that targets API response, would you please let me know what you see in the console under the “Payload” tab?
A couple of things to note about the
hosts/targetshosts/hostshostslabelsteamshostsso the targets api didn’t return all the hosts in scope. but only ones with packs running. why?I’m not clear from the details provided so far on what exactly you are expecting to see in terms of hosts in scope vs. what you are actually seeing so if you could elaborate on that it might help me to better understand the issue your grappling with. In this case (based on my current understanding), I would expect that the list of hosts in the response includes no more than 10 individual hosts. I’m not sure what you mean by “ones with packs running”. The list should not be dependent on whether a pack is running but there are other limitations that apply (as noted above) that could explain what you are seeing.
w
wennan.he
10/03/2022, 8:40 PM@Sarah Gillespie i expect to see the following info
https://osquery.slack.com/files/U042N4N1F8S/F044GKNKUKY/image.pngâ–ľ
but i doesn't
s
Sarah Gillespie
10/03/2022, 8:43 PMI’m still confused. If the screenshot shows what you expect to see, under what circumstances are you not seeing it?
w
wennan.he
10/03/2022, 8:44 PMi built 2 fleet instances, one does, another one doesn't
s
Sarah Gillespie
10/03/2022, 8:45 PMWhat are the differences between the two instances?
w
wennan.he
10/03/2022, 8:46 PMthey are running with different domain name.
but this is not the point, which one is expected behavior?
i guess the it is supposed to show the count of all the hosts, right?
if that is the one, why one of our fleet instance cannot?
s
Sarah Gillespie
10/03/2022, 8:47 PMCan you provide a screenshot of the other instance so we can compare the two?
Is the second screenshot from the instance where the request timed out?
w
wennan.he
10/03/2022, 8:59 PMi am not sure whether the req is time out
i think it is not
s
Sarah Gillespie
10/03/2022, 9:01 PMAre there more than five hosts enrolled to that instance?
What does it show under the “Response” tab?
w
wennan.he
10/03/2022, 9:09 PM{
"targets": {
"hosts": [
// hide the detail
],
"labels": [
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 6,
"name": "All Hosts",
"description": "All hosts which have enrolled in Fleet",
"query": "select 1;",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"host_count": 21100,
"display_text": "All Hosts",
"count": 21100
},
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 7,
"name": "macOS",
"description": "All macOS hosts",
"query": "select 1 from os_version where platform = 'darwin';",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"display_text": "macOS",
"count": 0
},
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 8,
"name": "Ubuntu Linux",
"description": "All Ubuntu hosts",
"query": "select 1 from os_version where platform = 'ubuntu';",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"display_text": "Ubuntu Linux",
"count": 0
},
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 9,
"name": "CentOS Linux",
"description": "All CentOS hosts",
"query": "select 1 from os_version where platform = 'centos' or name like '%centos%'",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"display_text": "CentOS Linux",
"count": 0
},
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 10,
"name": "MS Windows",
"description": "All Windows hosts",
"query": "select 1 from os_version where platform = 'windows';",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"display_text": "MS Windows",
"count": 0
},
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 11,
"name": "Red Hat Linux",
"description": "All Red Hat Enterprise Linux hosts",
"query": "SELECT 1 FROM os_version WHERE name LIKE '%red hat%'",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"display_text": "Red Hat Linux",
"count": 0
},
{
"created_at": "2022-09-15T04:49:44Z",
"updated_at": "2022-09-15T04:49:44Z",
"id": 12,
"name": "All Linux",
"description": "All Linux distributions",
"query": "SELECT 1 FROM osquery_info WHERE build_platform LIKE '%ubuntu%' OR build_distro LIKE '%centos%';",
"platform": "",
"label_type": "builtin",
"label_membership_type": "dynamic",
"host_count": 21091,
"display_text": "All Linux",
"count": 21091
}
],
"teams": []
},
"targets_count": 5,
"targets_online": 4,
"targets_offline": 1,
"targets_missing_in_action": 0
}
s
Sarah Gillespie
10/03/2022, 9:11 PMAre there 10 hosts included in the redacted portion of the response?
w
wennan.he
10/03/2022, 9:12 PMyes
what i am confused is you can see the count of total number in this response, but it doesn't show it in ui.
s
Sarah Gillespie
10/03/2022, 9:18 PMThe first screenshot is more in line with what I would expect to see.
Do you mind if we go through it step-by-step on the second instance? Starting by refreshing the edit pack page and taking new screenshots of the UI and the console (headers, payload, and preview tabs) as you go through each step in the process?
w
wennan.he
10/03/2022, 9:21 PMis that what you ask?
s
Sarah Gillespie
10/03/2022, 9:25 PMYes, thanks! The unexpected piece for me is the empty space on the left side of the dropdown when your cursor is in side the search box. Would you please screenshot the browser console network request headers, payload, and preview/response that you see when you click into the “Select pack targets” search box?
Yes, then please select the
targetsAnd if you click back into the search box now, the dropdown is still empty, correct?
w
wennan.he
10/03/2022, 9:48 PMyes
s
Sarah Gillespie
10/03/2022, 9:49 PMOk, the UI is definitely not behaving as expected here.
Thank you so much for bearing with me on this! This has been very helpful for me to understand exactly what you are seeing.
The backend does appear to be responding as expected. So I think we have narrowed it down to a frontend issue now.
Are either of your instances running 4.20.1? Or are both on 4.20.0? I ask because there was a fix in 4.20.1 that may resolve this issue for you.
w
wennan.he
10/03/2022, 10:05 PMthe instance has problem is 4.20.0
the one doesn't have problem is 4.12.0
s
Sarah Gillespie
10/03/2022, 10:06 PMIn that case, I think that upgrading the problem instance to 4.20.1 will likely resolve the issue for you
w
wennan.he
10/03/2022, 10:09 PMlet me try it
r
Rachel Perkins
10/05/2022, 3:32 PM@wennan.he so sorry! This was a bug on 4.20.0 only with a dependency update, patched immediately in 4.20.1. Hope that was the only issue 🙏🏽