Saif Abulkhair
09/30/2020, 6:32 AMsundsta
09/30/2020, 4:24 PMfleetctl
tool implements an example of how to do this. https://github.com/kolide/fleet/blob/master/cmd/fleetctl/query.goSaif Abulkhair
09/30/2020, 5:59 PMCptOfEvilMinions
09/30/2020, 6:42 PMcurl -X POST https://<Kolide>/api/v1/kolide/login -d '{"Username": "<Kolide admin e-mail>", "Password": "<Kolide admin password>"}'
When you successfully login you should receive a JWT token which you will use for all future API requests to Kolide. Here is the Kolide login code.
Next, you can use the JWT to perform API operations such as getting a list of queries: /api/v1/kolide/queries.
Next, request query results using /api/v1/kolide/results/Saif Abulkhair
10/01/2020, 7:12 AM{"query":"SELECT name[Software Name], bundle_short_version[Software version], bundle_identifier[Software publisher] FROM apps \nwhere bundle_identifier not like '%com.apple%' and \npath like ( '%/Applications/' ||apps.name);","selected":{"hosts":[],"labels":[7]}}
I can see from code that a websocket gets created and its the websocket which returns the queries results.
How do i consume the websocket which is generted at runitme ?sundsta
10/04/2020, 7:40 PMfleetctl
source I linked previously, it shows an example of how to do so in Golang