Channels
#kolide
Title
# kolide
a
Artem
09/11/2020, 10:56 AMHello!
Thank you for continuing to support and develop Kolide Fleet!
I have two problems, the cause of which I cannot understand yet. I would be grateful for your help with their solution.
1. This includes the first 3 screenshots. I try to add a specific user to the targets for a pack, but after allowing editing, I don’t see this user in the settings of a specific pack, it shows empty string. However, the general list of packs shows that the pack is installed for the user. Based on the results of my test, I see that the pack is still being applied and requests are being executed, however, this creates inconveniences during testing and debugging. What do you think is the reason for this behavior?
2. Our Fleet is configured to receive the results of queries on a schedule in the result.log file (rotation is enabled). However, today, when other queries were enabled, I noticed that they began to write to files with result-datetime.log formats, although we did not specify such settings. At the same time, while the previously included pack continued to write to the result.log file. What do you think is the reason for this behavior?
This behavior was not observed before the upgrade to version 3.1.0.
z
zwass
09/11/2020, 3:58 PM
2 looks like log rotation which you seem to have explicitly enabled.
For 1, are there errors in your JS console in the browser when you load that page?
a
Artem
09/11/2020, 4:23 PMRegarding the rotation, strangely, it seemed that earlier it worked differently. But thanks for the clarification! Do I understand correctly that when we turn off the rotation of logs, they will constantly be written to one file?
I’ll check the errors in the JS console now.
Only this. Note that when adding a host group based on the OS, they are displayed correctly. We checked it on a test Fleet, the situation is similar. In the another browser situation is similar.
z
zwass
09/11/2020, 4:48 PM
I don't think there has been any change to log rotation. If you turn it off, logs will only be written to one file.
You're saying that adding a target by hostname results in the error, but adding by label works as expected?
a
Artem
09/11/2020, 5:08 PMYes, that’s right.
If I understand correctly, the host is added in both cases, however, when adding by hostname, it is displayed incorrectly (not displayed at all) on the pack page
z
zwass
09/11/2020, 5:15 PM
You believe this to be new behavior? From which version did you upgrade?
a
Artem
09/11/2020, 5:20 PMI cannot name the exact reason, since I have not tested requests on individual users for a long time, but only use packs. But the only big change in architecture that we have made recently is the upgrade from 2.6 to 3.1.0
z
zwass
09/11/2020, 5:56 PM
If you retrieve that pack with fleetctl does it show the correct targets?
a
Artem
09/15/2020, 2:39 PMHello Zach,
I’m sorry for the delay in answering,
did not work for several days due to poor health.
I checked what you said, after assigning a pack to a specific host, I get a response similar to what I see in the interface in the settings for a specific pack.
z
zwass
09/15/2020, 3:59 PM
Is there a hosts key just off the bottom of that screenshot?
a
Artem
09/15/2020, 5:02 PMNo, I did “fleetctl get pack it-compliance” and that’s my result (attached file). In the UI I have similar situation