Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

I was pocking around for `orbit` documentations but i couldn’t find. keeping osquery updated started to be a pain, and i wanted to test `orbit` which is really promising.

is there any doc that get me started?
how can i make the source of binaries to be internal rpm repo?

 because not all machines will reach out to internet, so i would need to host orbit, and osquery packages internally and install orbit for the first time and keep it in sync with the internal repo for any new packages.

Hey <@UNL4THDDJ> here’s a link to the Orbit “Usage” and “Packaging” documentation: <https://github.com/fleetdm/fleet/blob/ba6dc0d19c3c806b56faa1fd36626b93c017c13b/docs/2-Orbit-osquery/README.md>

The Fleet team is currently in the midst of reorganizing the documentation files, including the Orbit documentation. Apologies for the inconvenience.

Nothing to apologies for Noah, you guys doing a fantastic job already. Thanks

is it expected that `orbit` download a package that you need to install?

i tested with this command which generated an osquery package
```sudo ./orbit-package --type rpm --osqueryd-channel edge  --fleet-url <https://fleet.internal.com:443>  --enroll-secret $(cat /etc/osquery/osquery_enroll_secret) --fleet-certificate=/etc/osquery/fleet_cert.pem  -- --flagfile=/etc/osquery/osquery.flags```
output
```2021-06-29T11:42:08-04:00 INF wrote package path=orbit-osquery-0.0.2.x86_64.rpm```
is there a way that orbit install that package? because we using puppet already to deploy osquery package/updates. deploying orbit onetime using puppet and orbit keeping the osquery package updated is the intended workflow right? or i’m missing something.

you mean it generate the rpm to be deployed by other means, or it can install the osquery directly without the need to do that?

because above, it generated a package which i should deploy myself.

You install the Orbit package (probably the same way you've previously been installing the osquery package) and once you've done that Orbit takes care of updating osquery (and Orbit).

can you share a doc that describes how that is done ?, because as i shared above i just got a package as output and didnot find an option to install it. Thank you so much

I'm not sure I understand the request. The Orbit packager generates a package in the native format for each supported OS (`.pkg`, `.msi`, `.rpm`, `.deb`). When the package is installed all of the files and services are configured for Orbit to run and update itself along with osquery.