Title
#fleet
v

vaar

11/06/2020, 8:01 PM
is there already a roadmap for features to be implemented?
zwass

zwass

11/06/2020, 8:12 PM
Not yet, and we are interested in what the community and potential customers are looking for. Here are some informal thoughts of things that I believe will benefit folks: - One agent to rule them all. We want to provide (or allow users to build) any security/it/compliance monitoring they need by deploying a single agent (osquery). - Build alerting and enrichment into Fleet so that queries can be defined along with the alerts and enrichment (thinking to evolve the yaml format to support some of these things). - Make it easier to deploy and update osquery, and extensions. - Build a datastore tailored to storing information logged from osquery (not competing with Splunk/ELK for longer term storage, but making the management and querying of "facts" available from osquery more efficient). - Fine grained authorization that allows exposing the capabilities of Fleet to more of the organization without compromising security/stability. - Privacy and user respect is important - Expose a UX for endpoint users to understand how/what data is being collected from their devices. Do these things resonate with you? What are your needs?
v

vaar

11/07/2020, 1:36 AM
those are interesting, I think a very needed feature is about the granular access to the tables, but I am not sure if it is something to implement in osquery directly or in the fleet
Ian Muscat

Ian Muscat

11/09/2020, 10:57 AM
overrides
configurable via labels (as opposed to platform) would be super neat.
s

Scott Lampert

11/09/2020, 2:04 PM
Labels configurable based on enroll secret
Noah Talerman

Noah Talerman

11/09/2020, 6:03 PM
Awesome thoughts! Overrides configurable via labels is something the team will discuss further.
6:07 PM
Creating labels based on enroll secret is a feature the team would like to add. As mentioned in issue #2290 in kolide/fleet, we’re not able to prioritize this at the moment however, we’d love to review a PR. We’re currently working to move all issues to the new fleetdm/fleet repo so we can continue the discussion there!