I'm running fleet 2.0.2 on Ubuntu 18.04. Only 11 agents out there, but we'd like to scale to several hundred soon. I noticed that the journal logs on the fleet server are ~ 1gb/day and when I tail it, I see that it's mainly a steady stream of Fleet logs -- a) is this expected and b) is there a way to tune them to be less verbose?

You're talking about the HTTP logs that Fleet outputs?

it seems to be osquery related..

This looks like you have debug logging enabled on the server?

@zwass + @Robb Breck oddly enough @atom and I encountered this very same problem yesterday. We haven’t explicitly set this value in a config (https://github.com/kolide/fleet/blob/master/docs/infrastructure/configuring-the-fleet-binary.md)

I also didn't have it set, so I've explicitly set false in my yaml config, but following the logs I still see it logging like mad..

logging:
  json: true
  debug: false

What version of fleet are you folk running?

2.02 over here...

"version": "2.0.0"

@zwass

Please check out https://github.com/kolide/fleet/issues/2015 and https://github.com/kolide/fleet/issues/1439 and comment if you feel inclined to weigh in on either of those.