Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
c
clong
05/25/2022, 9:10 PMre: fleet policy automations, does it ping the webhook each time it checks and a host fails a policy, or does it only do it once per host per policy? e.g. if someone is failing a policy for a week straight, how many times will the webhook get pinged for that specific device?
b
Benjamin Edwards
05/25/2022, 9:58 PMI believe you'd only get notified on the rising/falling edges. The change in state from failing to passing or passing to failing
:ty: 1
n
Noah Talerman
05/25/2022, 10:05 PMThat’s not quite right.
if someone is failing a policy for a week straight, how many times will the webhook get pinged for that specific device?Only once. Fleet checks policies every 24hr (configurable). If there are any “newly failing” hosts, Fleet pings a webhook per policy. “Newly failing” here means if a host has updated from no response to failing or passing to failing since the last check.
👍 2
:ty: 2