Hi fleet team does fleet support query running on a given ip

Question

Hi fleet team does fleet support query running on a given ip list

Kathy Satterlee · Answer

You can use a host s IP address as a filter in the target picker If you could give an example scenario that would be helpful for giving you the best advice

wennan.he · Answer

if i have a ip list like ipa ipb ipc

wennan.he · Answer

you mean i need pick each of them in UI one by one

Kathy Satterlee · Answer

Would this be a group that you d want to query together frequently or as a one off Is this a live query or something you d want to schedule Where are those IP addresses coming from Would you want to do this through the UI the API or fleetctl

wennan.he · Answer

they could be very random query running

wennan.he · Answer

and i dont want to schedule it

wennan.he · Answer

ui api fleetctl i think all of them work for me

wennan.he · Answer

any suggestions < Kathy Satterlee>

Kathy Satterlee · Answer

I ll respond as soon as I can This is primarily a community based forum and while I do try to be as helpful as I can I m not always able to respond immediately

Kathy Satterlee · Answer

What I d likely do in this case is set up a script that would use the REST API to 1 Create the query and save the query ID 2 Loop over the list of IP addresses and fetch the host using the IP as `query` to build an array of host IDs 3 Run the live query using the IDs collected in 1 and 2 4 optionally Delete the query

Kathy Satterlee · Answer

At least if this was something I was likely to have to do often enough to make selecting the hosts one by one in the UI inefficient

wennan.he · Answer

do i need any certificate when icall this api

Kathy Satterlee · Answer

You d need to include an authorization header with a valid token

Kathy Satterlee · Answer

wennan.he · Answer

so i just need to put the api token in the header when calling every api of fleet right

Kathy Satterlee · Answer

Correct Anything but ` login` uses that token to authenticate