
Ahmed

06/29/2021, 2:27 PM
I was poking around for orbit documentation but I couldn't find any. Keeping osquery updated started to be a pain, and I wanted to test orbit, which is really promising. Is there any doc that gets me started? How can I make the source of binaries an internal rpm repo? Not all machines will reach out to the internet, so I would need to host the orbit and osquery packages internally, install orbit for the first time, and keep it in sync with the internal repo for any new packages.

Noah Talerman

06/29/2021, 2:50 PM
Hey @Ahmed here’s a link to the Orbit “Usage” and “Packaging” documentation: https://github.com/fleetdm/fleet/blob/ba6dc0d19c3c806b56faa1fd36626b93c017c13b/docs/2-Orbit-osquery/README.md The Fleet team is currently in the midst of reorganizing the documentation files, including the Orbit documentation. Apologies for the inconvenience.

Ahmed

06/29/2021, 2:51 PM
Nothing to apologize for, Noah; you guys are doing a fantastic job already. Thanks.
Is it expected that orbit downloads a package that you need to install? I tested with this command, which generated an osquery package:
sudo ./orbit-package --type rpm --osqueryd-channel edge --fleet-url https://fleet.internal.com:443 --enroll-secret $(cat /etc/osquery/osquery_enroll_secret) --fleet-certificate=/etc/osquery/fleet_cert.pem -- --flagfile=/etc/osquery/osquery.flags
Output:
2021-06-29T11:42:08-04:00 INF wrote package path=orbit-osquery-0.0.2.x86_64.rpm
Is there a way for orbit to install that package? We are already using puppet to deploy osquery packages/updates. Deploying orbit one time using puppet and orbit keeping the osquery package updated is the intended workflow, right? Or am I missing something?

zwass

06/29/2021, 5:43 PM
Yes, that is the intended workflow.

Ahmed

06/29/2021, 5:45 PM
You mean it generates the rpm to be deployed by other means, or can it install osquery directly without the need to do that? Because above, it generated a package which I should deploy myself.

zwass

06/29/2021, 6:11 PM
You install the Orbit package (probably the same way you've previously been installing the osquery package) and once you've done that Orbit takes care of updating osquery (and Orbit).

Ahmed

06/29/2021, 9:32 PM
Can you share a doc that describes how that is done? As I shared above, I just got a package as output and did not find an option to install it. Thank you so much.

zwass

06/30/2021, 4:39 PM
I'm not sure I understand the request. The Orbit packager generates a package in the native format for each supported OS (.pkg, .msi, .rpm, .deb). When the package is installed, all of the files and services are configured for Orbit to run and update itself along with osquery.