https://github.com/osquery/osquery logo
Join Slack
Powered by
<@U9JGGT91V> regular osqueryd can get scheduled qu...
# kolide
z
@nNipsx regular osqueryd can get scheduled query packs from Fleet. Is that what you were asking?
n
yes
Now I'm trying to do this
but cant do this
z
Are you getting an error?
n
No
i'm setup all config for Packs
but dont recive any result from osquery
z
Do you have the pack targeted to any hosts?
n
yes
can you remote my machine and check it again ?
i have some lab in my PC
z
No, but I can help you continue debugging
n
my Version of Kolide fleet is 1.0.6
and Osquery is 2.11.0
z
Please upgrade fleet to 1.0.8 and try again
n
it's okay for schedule query
can you send me fleet 1.0.8
z
What do you mean it's okay for schedule query?
n
i'm just find 1.0.7
z
n
oh thanks let me try this and keep contact with you in this post 😄
Hi, can you give me some example for create and get results log with schedule Packs ?
z
The results go to 
/tmp/osquery_result
on the Fleet server by default
This is configurable with 
--osquery_result_log_file
n
I'm set log file is /var/log/kolide/osquery_result
and can you give me some example about create query simple and get log from schedule
z
Try adding a query like 
select * from time
with an interval of 30 seconds. Make sure the pack actually targets some hosts
n
and what about shard
z
Typically you would leave shard empty
n
Thanks for your support
i'm running success in Linux
but let me try with Windows
And now my system running is 106 kolide
So i want upgrade this version to 108
How to do that
z
n
thanks
3 Views
Open in Slack
PreviousNext
Powered by