Hello happy post defcon monday. I currently have my fleet server behind a reverse proxy so that my devices can communicate back outside of the office. I want to restrict the server as much as possible though, and was wondering what specific endpoint would need to be exposed in order for devices to communicate back. is it /api/*? Basically i don’t want the console exposed as right now i’m allowing to :8080/

You’ll just want to expose the api/v1/osquery endpoints.