I'm running fleet 2.0.2 on Ubuntu 18.04. Only 11 a...
# kolider
Robb Breck
03/12/2019, 8:40 PMI'm running fleet 2.0.2 on Ubuntu 18.04. Only 11 agents out there, but we'd like to scale to several hundred soon.
I noticed that the journal logs on the fleet server are ~ 1gb/day and when I tail it, I see that it's mainly a steady stream of Fleet logs --
a) is this expected and b) is there a way to tune them to be less verbose?
z
zwass
03/12/2019, 8:42 PM
You're talking about the HTTP logs that Fleet outputs?
r
Robb Breck
03/12/2019, 10:57 PMit seems to be osquery related..
Robb Breck
03/12/2019, 10:57 PMRobb Breck
03/12/2019, 10:58 PMthe systemlogs are a steady stream of what's pasted above in the pastebin.
z
zwass
03/12/2019, 11:36 PM
This looks like you have debug logging enabled on the server?
h
harveywells
03/13/2019, 3:20 PM@zwass + @Robb Breck oddly enough @atom and I encountered this very same problem yesterday. We haven’t explicitly set this value in a config (https://github.com/kolide/fleet/blob/master/docs/infrastructure/configuring-the-fleet-binary.md)
harveywells
03/13/2019, 3:20 PMis there another place we can look to see if the flag is set? Or should we explicitly set it to FALSE?
r
Robb Breck
03/13/2019, 4:16 PMI also didn't have it set, so I've explicitly set false in my yaml config, but following the logs I still see it logging like mad..
Copy code
logging:
json: true
debug: falsez
zwass
03/13/2019, 6:51 PM
What version of fleet are you folk running?
r
Robb Breck
03/13/2019, 7:11 PM2.02 over here...
h
harveywells
03/13/2019, 7:12 PM"version": "2.0.0"z
zwass
03/13/2019, 8:00 PM
Please check out https://github.com/kolide/fleet/issues/2015 and https://github.com/kolide/fleet/issues/1439 and comment if you feel inclined to weigh in on either of those.
zwass
03/13/2019, 8:01 PM
I will likely implement leveled logging shortly and then you can build from master or wait for a new release.