https://github.com/osquery/osquery logo
Join Slack
Powered by
Hi fleet team, our fleet cannot show the host list...
# fleet
w
Hi fleet team, our fleet cannot show the host list from pack edit page. plz advice.
k
Hi @wennan.he. What browser are you using (including version)? Does this occur for other users/in other browsers? Are you seeing any errors in the browser's javascript console or network traffic? https://github.com/fleetdm/fleet/blob/main/CONTRIBUTING.md#6-is-this-an-issue-with-the-fleet-ui
w
well, i see the same err in safari also.
And which API will be called when i load this list?
this one?
k
That's the one.
Any errors in the console?
And I'm sure you've given us this information before, but can you tell me what version of Fleet you're running as well?
w
that is weird, this issue doesn't exists for my another fleet instance, only this one.
k
I'll dig into that one a little, but I'm seeing that as well.
If you look at the response for that request, are your hosts listed there?
Agreed on that error. I think that's expected behavior, but I've got a note to look into it later as well.
w
any update?
@Kathy Satterlee any update?
k
Hey @wennan.he. I was waiting for your responses about the Fleet version as well as the response coming back from the API. Just as a heads up, we may not be able to respond until Monday but that information will be helpful.
w
fleet version 4.20
k
It looks like that response timed out. Please check the logs in the Load balancer as well as the Fleet server for anything that might correspond with that request. This may be related to the other issues you're seeing with the Load balancer.
w
another response i c from network { "targets": { "hosts": [ // hide the detail of hosts, but it only shows the hosts info of scheduled packs hosts ], "labels": [ { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 6, "name": "All Hosts", "description": "All hosts which have enrolled in Fleet", "query": "select 1;", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "host_count": 21100, "display_text": "All Hosts", "count": 21100 }, { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 7, "name": "macOS", "description": "All macOS hosts", "query": "select 1 from os_version where platform = 'darwin';", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "display_text": "macOS", "count": 0 }, { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 8, "name": "Ubuntu Linux", "description": "All Ubuntu hosts", "query": "select 1 from os_version where platform = 'ubuntu';", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "display_text": "Ubuntu Linux", "count": 0 }, { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 9, "name": "CentOS Linux", "description": "All CentOS hosts", "query": "select 1 from os_version where platform = 'centos' or name like '%centos%'", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "display_text": "CentOS Linux", "count": 0 }, { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 10, "name": "MS Windows", "description": "All Windows hosts", "query": "select 1 from os_version where platform = 'windows';", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "display_text": "MS Windows", "count": 0 }, { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 11, "name": "Red Hat Linux", "description": "All Red Hat Enterprise Linux hosts", "query": "SELECT 1 FROM os_version WHERE name LIKE '%red hat%'", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "display_text": "Red Hat Linux", "count": 0 }, { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 12, "name": "All Linux", "description": "All Linux distributions", "query": "SELECT 1 FROM osquery_info WHERE build_platform LIKE '%ubuntu%' OR build_distro LIKE '%centos%';", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "host_count": 21091, "display_text": "All Linux", "count": 21091 } ], "teams": [] }, "targets_count": 5, "targets_online": 4, "targets_offline": 1, "targets_missing_in_action": 0 }
when i refreshed the page again, the err gone, but the targets api only return the hosts with scheduled queries.
so the targets api didn't return all the hosts in scope. but only ones with packs running. why?
@Kathy Satterlee
s
Hi @wennan.he, Kathy is out of the office this week so I’ll try to help here as best as I can while she’s away. For that targets API response, would you please let me know what you see in the console under the “Payload” tab?
A couple of things to note about the 
hosts
list returned by 
/targets
API that may not be readily apparent: • 
hosts
list is truncated at 10 hosts; in order to target other individual hosts, the search can be narrowed hostname, uuid, hardware serial, or primary ip (similar to the search box on the 
/hosts
page) or it may be more efficient to create a label that encompasses the hosts you wish to target. • 
hosts
list returned excludes host ids that are already selected according to the request payload (
labels
or 
teams
or 
hosts
)
so the targets api didn’t return all the hosts in scope. but only ones with packs running. why?
I’m not clear from the details provided so far on what exactly you are expecting to see in terms of hosts in scope vs. what you are actually seeing so if you could elaborate on that it might help me to better understand the issue your grappling with. In this case (based on my current understanding), I would expect that the list of hosts in the response includes no more than 10 individual hosts. I’m not sure what you mean by “ones with packs running”. The list should not be dependent on whether a pack is running but there are other limitations that apply (as noted above) that could explain what you are seeing.
w
@Sarah Gillespie i expect to see the following info

https://osquery.slack.com/files/U042N4N1F8S/F044GKNKUKY/image.png

but i doesn't
s
I’m still confused. If the screenshot shows what you expect to see, under what circumstances are you not seeing it?
w
i built 2 fleet instances, one does, another one doesn't
s
What are the differences between the two instances?
w
they are running with different domain name.
but this is not the point, which one is expected behavior?
i guess the it is supposed to show the count of all the hosts, right?
if that is the one, why one of our fleet instance cannot?
s
Can you provide a screenshot of the other instance so we can compare the two?
Is the second screenshot from the instance where the request timed out?
w
i am not sure whether the req is time out
i think it is not
s
Are there more than five hosts enrolled to that instance?
What does it show under the “Response” tab?
w
{ "targets": { "hosts": [ // hide the detail ], "labels": [ { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 6, "name": "All Hosts", "description": "All hosts which have enrolled in Fleet", "query": "select 1;", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "host_count": 21100, "display_text": "All Hosts", "count": 21100 }, { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 7, "name": "macOS", "description": "All macOS hosts", "query": "select 1 from os_version where platform = 'darwin';", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "display_text": "macOS", "count": 0 }, { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 8, "name": "Ubuntu Linux", "description": "All Ubuntu hosts", "query": "select 1 from os_version where platform = 'ubuntu';", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "display_text": "Ubuntu Linux", "count": 0 }, { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 9, "name": "CentOS Linux", "description": "All CentOS hosts", "query": "select 1 from os_version where platform = 'centos' or name like '%centos%'", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "display_text": "CentOS Linux", "count": 0 }, { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 10, "name": "MS Windows", "description": "All Windows hosts", "query": "select 1 from os_version where platform = 'windows';", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "display_text": "MS Windows", "count": 0 }, { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 11, "name": "Red Hat Linux", "description": "All Red Hat Enterprise Linux hosts", "query": "SELECT 1 FROM os_version WHERE name LIKE '%red hat%'", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "display_text": "Red Hat Linux", "count": 0 }, { "created_at": "2022-09-15T044944Z", "updated_at": "2022-09-15T044944Z", "id": 12, "name": "All Linux", "description": "All Linux distributions", "query": "SELECT 1 FROM osquery_info WHERE build_platform LIKE '%ubuntu%' OR build_distro LIKE '%centos%';", "platform": "", "label_type": "builtin", "label_membership_type": "dynamic", "host_count": 21091, "display_text": "All Linux", "count": 21091 } ], "teams": [] }, "targets_count": 5, "targets_online": 4, "targets_offline": 1, "targets_missing_in_action": 0 }
s
Are there 10 hosts included in the redacted portion of the response?
w
yes
what i am confused is you can see the count of total number in this response, but it doesn't show it in ui.
s
The first screenshot is more in line with what I would expect to see. Do you mind if we go through it step-by-step on the second instance? Starting by refreshing the edit pack page and taking new screenshots of the UI and the console (headers, payload, and preview tabs) as you go through each step in the process?
w
is that what you ask?
s
Yes, thanks! The unexpected piece for me is the empty space on the left side of the dropdown when your cursor is in side the search box. Would you please screenshot the browser console network request headers, payload, and preview/response that you see when you click into the “Select pack targets” search box?
Yes, then please select the 
targets
request in the console and share the headers, payload, and preview.
And if you click back into the search box now, the dropdown is still empty, correct?
w
yes
s
Ok, the UI is definitely not behaving as expected here. Thank you so much for bearing with me on this! This has been very helpful for me to understand exactly what you are seeing.
The backend does appear to be responding as expected. So I think we have narrowed it down to a frontend issue now.
Are either of your instances running 4.20.1? Or are both on 4.20.0? I ask because there was a fix in 4.20.1 that may resolve this issue for you.
w
the instance has problem is 4.20.0
the one doesn't have problem is 4.12.0
s
In that case, I think that upgrading the problem instance to 4.20.1 will likely resolve the issue for you
w
let me try it
r
@wennan.he so sorry! This was a bug on 4.20.0 only with a dependency update, patched immediately in 4.20.1. Hope that was the only issue 🙏🏽
Open in Slack
PreviousNext
Powered by