Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
a
Adam Connor
07/07/2022, 1:39 AMHi All, I’m exploring the API and have it running in Postman. All of the queries report exactly as described in the docs, except
‘List Queries’ ie.
GET /api/v1/fleet/queries{
"queries": []
}b
Benjamin Edwards
07/07/2022, 1:55 AMHey Adam, are you using our postman collection? Or building your own?
Do you have any queries?
a
Adam Connor
07/07/2022, 1:56 AMusing the imported collection from Fleet
💯 1
ah good question - I thought I did have queries!
😅 1
yes I do have the standard query pack and I’ve made a few new ones- so I should be able to ‘find by query ID’ let me try that
that does work. Perhaps I’ve just misunderstood the intent here, I’ll re-read the docs
b
Benjamin Edwards
07/07/2022, 3:17 AMHmm let me try
curl --location --request GET 'https://<host>/api/v1/fleet/queries' \
--header 'Authorization: Bearer <token>'ah is your user's role observer?
a
Adam Connor
07/07/2022, 3:22 AMyes, observer
b
Benjamin Edwards
07/07/2022, 3:22 AMqueries that are ✅ Observers can run are returned
a
Adam Connor
07/07/2022, 3:22 AMah, got it- thanks so much for your help!
b
Benjamin Edwards
07/07/2022, 3:23 AMno problem
👍 1
if you hit that API as an admin you'd get back the full list
a
Adam Connor
07/07/2022, 3:24 AMfantastic, that was the only odd thing I found, permissions issue makes sense. Now I’m off to figure out how to give my analytics software access to the DB safely!