Yep you can use `fleetctl convert` to convert osquery pack J

Question

Yep you can use `fleetctl convert` to convert osquery pack JSON into the fleetctl yaml format Then you can apply the yaml

Mark C. · Answer

`fleetctl convert config usr share fleet test config yml f ~ query packs windows attacks conf context windows attacks debug` If I run that the output in the terminal is the pack in the expected yml format `test config yml` is unchanged and `~ query packs windows attacks conf` is unchanged also is this specifically for the fleet cli I see there is an example for a single file config and the multi file config but both fleet configurations look completely different than mine

brandon · Answer

< Mark C > The ` config` flag is for the `fleetctl` config not for Fleet so this config file will not look like the example configs When you run `fleetctl convert` no files are changed Instead if you want to apply the windows attacks pack to a Fleet instance I would use `fleetctl convert f ~ query packs windows attacks conf gt windows attacks yml` and then `fleetctl apply config usr share fleet test config yml context windows attacks f windows attacks yml`

zwass · Answer

Yes thank you < brandon> Spot on The output of `fleetctl convert` goes to stdout so you can pipe it to wherever you like with your shell and then apply it

Mark C. · Answer

Now that makes total sense what if the config is for a running daemon a restart should do the trick right

zwass · Answer

Nope the daemon should reload the config as long as `config refresh` is set to something greater than 0 slightly smiling face

Mark C. · Answer

`fleetctl convert` works as expected `apply` is not Fleetctl is prompting to set the address in the config I think I might have made an assumption that the GUI and CLI configs were similar but not

zwass · Answer

`fleetctl login` first

Mark C. · Answer

WOW thank you so much Seriously this is awesome I sincerely hope that the stack we are building based on OSQ Fleet and ES will blow any pay to play solution out of the water We re like counting the hours here to throw some big money at another solution and this has really changed the game and not to mention made my job so much easier Hopefully as I become more versed in Fleet I can contribute something back smile

zwass · Answer

We re glad you re enjoying We also have a cloud offering that goes way beyond what Fleet does <http kolide com|kolide com> but sounds like you re pretty happy slightly smiling face