https://github.com/osquery/osquery logo
#fleet
Title
# fleet
s

SK

09/07/2021, 3:47 PM
Hello all, I am trying to understand the logs of the vulnerabilities part, what does
"cron":"vulnerabilities","leader":"Not the leader. Skipping..."
mean?
t

Tomas Touceda

09/07/2021, 4:33 PM
hi, this happens when you are running vulnerability processing on a dynamic host. How many instances of fleet are you running?
s

SK

09/08/2021, 7:46 AM
4 instances
My idea was to use one instance that is not that busy to handle the vuln part
t

Tomas Touceda

09/08/2021, 1:22 PM
ok, you can statically assign an instance to be the one doing vulnerability processing, see here for more details: https://github.com/fleetdm/fleet/blob/main/docs/2-Deploying/2-Configuration.md#vulnerabilities
s

SK

09/08/2021, 7:22 PM
Great, added the option. I was wondering regarding the instances if I want to use the software inventory, do I need to add
FLEET_BETA_SOFTWARE_INVENTORY=1
to all the instances?
t

Tomas Touceda

09/08/2021, 7:34 PM
correct, or you can set it as the config as well
s

SK

09/08/2021, 7:43 PM
with config you mean this?
Copy code
host_settings:enable_software_inventory: true
t

Tomas Touceda

09/08/2021, 7:44 PM
correct
s

SK

09/08/2021, 7:45 PM
Thanks, will do, hopefully that I will see it afer that in the UI
A quick check, below needs to be added in the fleet.yml file of each fleet instance on each server when started right? I tried adding it through apply of fleetctl but don't see it when I get the config.
Copy code
vulnerabilities:
	current_instance_checks: yes
t

Tomas Touceda

09/09/2021, 1:35 PM
that config cannot be applied through fleetctl, fleet server config needs to be applied "by hand" as it is used at the server startup. fleetctl apply is for config that can be changed at runtime. That config is something you need to add to each instance, however, you only want one with value
yes
and the rest with
no
s

SK

09/09/2021, 2:06 PM
Yes I understand it, it was a bit confusing which settings are for which part. I did the change and will see if it works OK now.
5 Views