Quick question. I'm testing new fleetdm 3.8 thats ...
# fleets
spookerlabs
02/25/2021, 7:08 PMQuick question. I'm testing new fleetdm 3.8 thats seems great. Just in case I was playing with some config options and I tried to change
config_refresh:10spookerlabs
02/25/2021, 7:09 PMspookerlabs
02/25/2021, 7:09 PMget options
spookerlabs
02/25/2021, 7:09 PMspookerlabs
02/25/2021, 7:10 PMI didn't test this config_refresh test in previous version.
spookerlabs
02/25/2021, 7:10 PMand congrats new release 😃
spookerlabs
02/25/2021, 7:20 PMLogging at osquery_flags seems like there config_refresh with my new parameter.
z
zwass
02/25/2021, 7:26 PM
The host details page will take some time to update (configurable via https://github.com/fleetdm/fleet/blob/master/docs/2-Deployment/2-Configuration.md#osquery_detail_update_interval).
zwass
02/25/2021, 7:26 PM
By default it's an hour, so it could take a little while to see the correct value there.
s
spookerlabs
02/25/2021, 7:32 PMbut other too values changed in minutes hehehe but I will that to see 😃 Thanks!
z
zwass
02/25/2021, 7:34 PM
Can you run osquery with
--verbose --tls_dumps
spookerlabs
02/25/2021, 7:45 PMseems like receiving, just applied new options
spookerlabs
02/25/2021, 7:45 PM Copy code
I0225 16:44:25.828430 314369 smbios_tables.cpp:105] Reading SMBIOS from sysfs DMI node
I0225 16:44:25.828779 314369 config.cpp:890] Calling configure for logger tls
I0225 16:44:40.829082 314369 config.cpp:1205] Refreshing configuration state
I0225 16:44:40.829715 314369 tls.cpp:254] TLS/HTTPS POST request to URI: <https://localhost:8412/api/v1/osquery/config>
{
"decorators": {
"load": [
"SELECT uuid AS host_uuid FROM system_info;",
"SELECT hostname AS hostname FROM system_info;"
]
},
"options": {
"config_refresh": 17,
"disable_distributed": false,
"distributed_interval": 37,
"distributed_plugin": "tls",
"distributed_tls_max_attempts": 3,
"logger_plugin": "tls",
"logger_tls_endpoint": "/api/v1/osquery/log",
"logger_tls_period": 47,
"pack_delimiter": "/"
}
}z
zwass
02/25/2021, 7:46 PM
Okay cool, let's see if it updates properly after waiting.
s
spookerlabs
02/25/2021, 7:46 PMspookerlabs
02/25/2021, 7:46 PMI will check in 10 min again
ty 1
z
zwass
02/25/2021, 7:47 PM
Both of the others updated?
s
spookerlabs
02/25/2021, 7:47 PMLogger and Distributed almost realtime
z
zwass
02/25/2021, 7:47 PM
Okay, seems likely a bug
s
spookerlabs
02/26/2021, 12:18 AMNot sure when it changed, but changed heheheh
spookerlabs
02/26/2021, 12:19 AMbut other two changed almost in real time
z
zwass
02/26/2021, 10:49 PM
That is interesting that it eventually worked. I opened up an issue to investigate further since other users had similar issues. https://github.com/fleetdm/fleet/issues/357
s
spookerlabs
02/27/2021, 12:20 AMCool! Great! Thanks 😃
8 Views