Title
#fleet
SK

SK

09/07/2021, 3:47 PM
Hello all, I am trying to understand the logs of the vulnerabilities part, what does
"cron":"vulnerabilities","leader":"Not the leader. Skipping..."
mean?
Tomas Touceda

Tomas Touceda

09/07/2021, 4:33 PM
hi, this happens when you are running vulnerability processing on a dynamic host. How many instances of fleet are you running?
SK

SK

09/08/2021, 7:46 AM
4 instances
8:02 AM
My idea was to use one instance that is not that busy to handle the vuln part
Tomas Touceda

Tomas Touceda

09/08/2021, 1:22 PM
ok, you can statically assign an instance to be the one doing vulnerability processing, see here for more details: https://github.com/fleetdm/fleet/blob/main/docs/2-Deploying/2-Configuration.md#vulnerabilities
SK

SK

09/08/2021, 7:22 PM
Great, added the option. I was wondering regarding the instances if I want to use the software inventory, do I need to add
FLEET_BETA_SOFTWARE_INVENTORY=1
to all the instances?
Tomas Touceda

Tomas Touceda

09/08/2021, 7:34 PM
correct, or you can set it as the config as well
SK

SK

09/08/2021, 7:43 PM
with config you mean this?
host_settings:enable_software_inventory: true
Tomas Touceda

Tomas Touceda

09/08/2021, 7:44 PM
correct
SK

SK

09/08/2021, 7:45 PM
Thanks, will do, hopefully that I will see it afer that in the UI
10:18 AM
A quick check, below needs to be added in the fleet.yml file of each fleet instance on each server when started right? I tried adding it through apply of fleetctl but don't see it when I get the config.
vulnerabilities:
	current_instance_checks: yes
Tomas Touceda

Tomas Touceda

09/09/2021, 1:35 PM
that config cannot be applied through fleetctl, fleet server config needs to be applied "by hand" as it is used at the server startup. fleetctl apply is for config that can be changed at runtime. That config is something you need to add to each instance, however, you only want one with value
yes
and the rest with
no
SK

SK

09/09/2021, 2:06 PM
Yes I understand it, it was a bit confusing which settings are for which part. I did the change and will see if it works OK now.