Howdy, folks. Anyone around who could help me out with enrolling a windows endpoint with fleet?

I might be able to help out. What issues are you running into?

@Tim I'm trying to enroll my Windows machine with the tls plugin, however I'm getting an error message

IS your server running ok? IS there a different host with that identifier? Maybe try it without specifying a host identifier.

.\osqueryd.exe --enroll_secret_env=Tnr/Tl0zB2vySH9x1DEIcA4kS0cXw5yI --tls_hostname=x.x.x.x:8080 --tls_server_certs=C:\ProgramData\osquery\certs\x.x.x.x_8080.pem --verbose --host_identifier=HOST-27 --config_tls_refresh=10 --disable_distributed=false --distributed_plugin=tls --distributed_interval=3 --distributed_tls_max_attempts=3 --enroll_tls_endpoint=/api/v1/osquery/enroll --config_plugin=tls --config_tls_endpoint=/api/v1/osquery/config

I haven't used the enroll_secret_env flag, I use the enroll_secret_path one but your secret might be getting passed wrong. Try adding

--verbose

and

--tls_dump

flags for troubleshooting

try copying just your enroll secret, placing it in a file, then adding the

--enroll_secret_path=C:\PATH\TO\FILE

Working!!! Awesome, thank you so much

Np, and that depends. If you put a flagfile with all this in it in the default path for the service flagfile then it will work whenever the osqueryd service starts. Or you could alter the default osqueryd service and point it to wherever you want for a flagfile.

So I got osquery to connect to fleet with a flagfile I created and specified when running osqueryi.exe --flagfile=<FLAGFILE>