Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

hey team -- question about TLS enrollment (and re-enrollment): I am planning to change my `tls-hostname` to a new endpoint (fresh server)
• what happens to the clients/nodes?
• do I have to manually re-enroll them? or will they re-enroll automatically?

I'm planning to run a test by changing the config, restarting the daemon, and watching the logs for what happens...

When you say "fresh server" you mean a new database?

The server should tell the nodes their authentication is invalid and trigger a reenrollment.

Of course this depends on the server being implemented properly.

yessir new database;

I am implementing a new server and it seems that I should check the `node_invalid` flag in the API? <https://osquery.readthedocs.io/en/stable/deployment/remote/#remote-server-api>