Channels
doorman
infrastructure
random
zercurity
community-feeds
fleet-dev
code-review
queryhub
apple-silicon
carving
tls
fim
goquery
zentral
aws
querycon
golang
zeek
file-carving
fuzzing
auditing-warroom
linen-dev
fleetosquery
plugins
jobs
arm-architecture
darkbytes
process-auditing
uptycs
android_tests
selfgroup
vendor-feeds
fleet
eclecticiq-polylogyx-extension
ebpf
website
core
general
macos
kolide
osctrl
extensions
foundation
sql
officehours
linux
windows
Title
k
Karthick
07/19/2022, 3:45 AMHi, Osquery software page doesn't load but am able to view the software and Vulnerable software from the host. Osquery is hosted in Kubernetes and version 4.11.0
k
Kathy Satterlee
07/19/2022, 2:11 PMHi, @Karthick! Are you seeing anything in the console or network requests?
k
Karthick
07/19/2022, 4:51 PMconsole error
i tried /api/v1/fleet/software from postman even that remain in message sending request but no response but am able to query other api endpoints like config
in pod logs i could see {"err":"failed","level":"error","op":"directIngestSoftware","ts":"2022-07-19T16:52:32.35786363Z"}
k
Kathy Satterlee
07/19/2022, 5:21 PMDo you get the same error if you try in another browser or an incognito window?
I see you tried it in Postman, but I'm still curious about incognito.
And did this just suddenly stop working, or was there a recent change?
k
Karthick
07/20/2022, 10:21 AMit was not working from the time it is deployed and tried in a different browser and incognito same result
k
Kathy Satterlee
07/20/2022, 3:16 PMThanks for that info. Looking into this to see what the culprit might be.
Can you run
fleetctl debug errorsk
Karthick
07/21/2022, 10:28 AMin debug json file all i can see it multiple entry of {"external": "enroll failed: timestamp: 2022-07-21T08:07:15Z: no matching secret found"
},
osquery is running in k8s so installed fleetctl in linux and executed fleetctl debug errors command
k
Kathy Satterlee
07/21/2022, 4:45 PMThis may be related to an issue we're tracking. Do you have any Ubuntu hosts enrolled?
k
Karthick
07/22/2022, 2:12 AMwe have centos, mac, windows
@Kathy Satterlee the version referred in issue is v4.17 and ubuntu host in my case we are running with v4.11. So, v4.11 also has this bug ?
k
Kathy Satterlee
07/24/2022, 4:18 PMI apologize, I must have misread the version! Given that there aren't any errors in the Fleet logs or the pod logs, it seems likely that the error is popping up somewhere between Fleet and you. When you checked the logs in Kubernetes, did you also look at the logs for your load balancer or proxy server?