Channels
doorman
infrastructure
random
zercurity
community-feeds
fleet-dev
code-review
queryhub
apple-silicon
carving
tls
fim
goquery
zentral
aws
querycon
golang
zeek
file-carving
fuzzing
auditing-warroom
linen-dev
fleetosquery
plugins
jobs
arm-architecture
darkbytes
process-auditing
uptycs
android_tests
selfgroup
vendor-feeds
fleet
eclecticiq-polylogyx-extension
ebpf
website
core
general
macos
kolide
osctrl
extensions
foundation
sql
officehours
linux
windows
Title
g
groob
02/06/2018, 6:24 PMoh, your
enroll_secret_enve
Eldar
02/06/2018, 6:27 PMthan what should be?
g
groob
02/06/2018, 6:28 PMsee below
e
Eldar
02/06/2018, 6:33 PMto place the secret in file?
osqueryd --enroll_secret_path=/tmp/enroll --tls_server_certs=/etc/osquery/kolide.crt --tls_hostname=127.0.0.1 --host_identifier=uuid --enroll_tls_endpoint=/api/v1/osquery/enroll --config_plugin=tls --config_tls_endpoint=/api/v1/osquery/config --config_tls_refresh=10 --disable_distributed=false --distributed_plugin=tls
g
groob
02/06/2018, 6:38 PMyour tls hostname flag is also wrong. that's just an ip address. it needs the port and it needs to match your certificate
can you show us the fleet startup as well?
and any logs osquery might be reporting. you'll ahve to add
--verbose--tls_dumpe
Eldar
02/06/2018, 6:40 PMfleet serve --config /tmp/kolide.yml --auth_jwt_key 93hxhlw4b+WFMlxGV5RKzKTmml5itxA1
g
groob
02/06/2018, 6:42 PMok that looks fine i'm guessing
add the verbose and tls_dump flags to osqueryd and try starting it again
e
Eldar
02/06/2018, 6:47 PMW0206 18:31:39.313983 5271 tls_enroll.cpp:70] Failed enrollment request to <https://localhost:12345/api/v1/osquery/enroll> (Request error: Failed to connect to localhost:12345: Connection refused) retryingg
groob
02/06/2018, 6:48 PMis your cert signed for localhost?
e
Eldar
02/06/2018, 6:48 PMyes
g
groob
02/06/2018, 6:48 PMand is fleet running on port 12345?
e
Eldar
02/06/2018, 6:49 PMno. it is forwarded port to 8080
g
groob
02/06/2018, 6:50 PMsounds like that's where the issue is
e
Eldar
02/06/2018, 7:10 PMshit added new host 😄
k
Kemal
02/07/2018, 8:26 AMcan you help me about this issue? /usr/bin/fleet prepare db \
--mysql_address=127.0.0.1:3306 \
--mysql_database=kolide \
--mysql_username=root \
--mysql_password=toor
I edited that code for my environment and when I ran I got this error
2018/02/07 08:03:08 FAIL 20161118212641_CreateTablePasswordResetRequests.go (Error 1067: Invalid default value for ‘expires_at’), quitting migration.
i set system time to UTC and Repeated the command again this time mysql output is migration completed
g
groob
02/07/2018, 9:39 AMyou must use mysql 5.7
k
Kemal
02/07/2018, 9:58 AMyes, 5.7.21 ubuntu 16.04.1
and I solved this after I set timezone to UTC and restart the system
i dont know the case is related restarting or setting UTC?
g
groob
02/07/2018, 10:29 AMprobably setting UTC