https://github.com/osquery/osquery logo
#kolide
Title
# kolide
g

groob

02/06/2018, 6:24 PM
oh, your
enroll_secret_env
flag should not be the secret
e

Eldar

02/06/2018, 6:27 PM
than what should be?
g

groob

02/06/2018, 6:28 PM
see below
e

Eldar

02/06/2018, 6:33 PM
to place the secret in file?
osqueryd --enroll_secret_path=/tmp/enroll --tls_server_certs=/etc/osquery/kolide.crt --tls_hostname=127.0.0.1 --host_identifier=uuid --enroll_tls_endpoint=/api/v1/osquery/enroll --config_plugin=tls --config_tls_endpoint=/api/v1/osquery/config --config_tls_refresh=10 --disable_distributed=false --distributed_plugin=tls
g

groob

02/06/2018, 6:38 PM
your tls hostname flag is also wrong. that's just an ip address. it needs the port and it needs to match your certificate
can you show us the fleet startup as well?
and any logs osquery might be reporting. you'll ahve to add
--verbose
and
--tls_dump
to the osqueryd startup
e

Eldar

02/06/2018, 6:40 PM
fleet serve --config /tmp/kolide.yml --auth_jwt_key 93hxhlw4b+WFMlxGV5RKzKTmml5itxA1
g

groob

02/06/2018, 6:42 PM
ok that looks fine i'm guessing
add the verbose and tls_dump flags to osqueryd and try starting it again
e

Eldar

02/06/2018, 6:47 PM
Copy code
W0206 18:31:39.313983  5271 tls_enroll.cpp:70] Failed enrollment request to <https://localhost:12345/api/v1/osquery/enroll> (Request error: Failed to connect to localhost:12345: Connection refused) retrying
g

groob

02/06/2018, 6:48 PM
is your cert signed for localhost?
e

Eldar

02/06/2018, 6:48 PM
yes
g

groob

02/06/2018, 6:48 PM
and is fleet running on port 12345?
e

Eldar

02/06/2018, 6:49 PM
no. it is forwarded port to 8080
g

groob

02/06/2018, 6:50 PM
sounds like that's where the issue is
e

Eldar

02/06/2018, 7:10 PM
shit added new host 😄
k

Kemal

02/07/2018, 8:26 AM
can you help me about this issue? /usr/bin/fleet prepare db \ --mysql_address=127.0.0.1:3306 \ --mysql_database=kolide \ --mysql_username=root \ --mysql_password=toor I edited that code for my environment and when I ran I got this error 2018/02/07 080308 FAIL 20161118212641_CreateTablePasswordResetRequests.go (Error 1067: Invalid default value for ‘expires_at’), quitting migration.
i set system time to UTC and Repeated the command again this time mysql output is migration completed
g

groob

02/07/2018, 9:39 AM
you must use mysql 5.7
k

Kemal

02/07/2018, 9:58 AM
yes, 5.7.21 ubuntu 16.04.1 and I solved this after I set timezone to UTC and restart the system
i dont know the case is related restarting or setting UTC?
g

groob

02/07/2018, 10:29 AM
probably setting UTC
4 Views