Hello there. I am trying to combine the grpc functionality with osqueryd without using the launcher. This issue pointed me towards building the grpc.ext separately. My question is, if I load this extension into my osqueryd, where do I put the kolide fleet server details (hostname/port no.)?
08/31/2020, 5:47 PM
What are you hoping to achieve with that?
08/31/2020, 5:48 PM
We are trying to use gRPC for comm between Kolide Fleet and osqueryd endpoints instead of TLS
08/31/2020, 5:50 PM
And if you want that, why not just use Launcher?
08/31/2020, 5:51 PM
I spoke to you and @seph earlier about trying to connect custom tables with launcher or osqueryd
But, it sounds a bit like you’re evaluating this weirdly. You can’t really easily say “I want X, and Y from launcher, but not Z”. It’s simpler to view it as a complete package.
It’s all OSS, so there are options. But some of them require development or in depth work
08/31/2020, 5:59 PM
There's just no need for gRPC to achieve what you're looking for. It will be simpler to configure with osquery's TLS transport and AFAICT you don't have any special need for gRPC.
08/31/2020, 6:02 PM
if we use TLS, won't that open the dashboard to the entire internet? with gRPC we can limit the exposure
08/31/2020, 6:04 PM
You'll use a similar strategy of fronting with a proxy and separating the endpoints
gRPC or not, you have to do that if you don't want to expose the dashboard to the internet.