Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
s
SK
04/29/2021, 11:29 AMHello all, digging into Orbit and trying to understand how does orbit update Osquery, how does the
stableedgen
Noah Talerman
04/29/2021, 6:27 PMHi @SK. By default, Orbit checks in with the public Fleet update repository. Using this update repository, FleetDM determines the osquery version that belongs on the
stableedgestables
SK
04/29/2021, 6:49 PMHey @Noah Talerman thanks for your response. Nice way of checking the version. How does Orbit handle situations where there is a proxy, does it grab the update from the onprem fleet server or always straight to the repo?
n
Noah Talerman
04/30/2021, 1:31 PMHow does Orbit handle situations where there is a proxy, does it grab the update from the onprem fleet server or always straight to the repo?Hey @SK, I don’t immediately know the answer to this. I’m going to phone in @zwass for help on this Orbit question.
z
zwass
04/30/2021, 5:37 PMOrbit uses a configurable update server. We expect that many folks will just use the update server we manage (similar to what Kolide does with Launcher's update server). We are also offering tooling for self-managing an update server as part of Fleet Basic (the subscription offering) https://github.com/fleetdm/fleet/blob/master/docs/2-Deployment/4-fleetctl-agent-updates.md.
Depending on what you mean by proxy, you could potentially also just copy the metadata from our update server and serve it from anywhere you like.
s
SK
04/30/2021, 5:40 PMHey @zwass thanks for the response. I was more wondering how does Orbit handle situations where the agent is behind a proxy to get to your update server? Can you configure the proxy in the orbit config?
z
zwass
04/30/2021, 5:41 PMWhat kind of configuration would need to be provided for the proxy? We can look into adding support for that.
s
SK
04/30/2021, 5:42 PMSo talking about a situation where the system where Osquery/orbit is installed on resides behind a corporate internet proxy, so can only get to the internet through the proxy.
Probably the same way you can can configure the proxy in Osquery
--proxy_hostnamez
zwass
04/30/2021, 7:54 PMYou could set the
HTTP_PROXYs
SK
05/03/2021, 3:59 PMI'll test drive Orbit for a bit and let you know.
:ty: 1