Is there any way I can fully disable software inventory and software vulnerability?
I’m pretty confident that the execution of this query while installing orbit on our hosts are causing too many LDAP search requests to our server sand it’s not being able to handle it, so I’d like to completely disable this feature.
Hey Kathy! Thanks for the information
The scenario I’m seeing is the following:
When installing Orbit/OSquery to a number of CentOS hosts we have that are enrolled to LDAP, right after the install process the server receives a high number of SEARCH requests, which then drops a little, but keeps higher than what it was before installing orbit itself
The major painpoint is the installation process, but since it keeps the average higher, when installing to, say 1500 hosts, it is also high enough to be a problem.
That said, I tried some debugging on both osqueryd running verbose and nslcd (name resolution service) running debug to try to find some correlation, with not much luck, the only strong thing I have on both is the install process, which I intend to test without software inventory to see if it changes
Just bringing some info before the actual tests, after putting the 2 settings you mentioned, the load on the LDAP Server already decreased a whole lot
I’ll try with the infra team to provision some new hosts and check if any request will be made, but it seems this solves the problem we were facing over here, thanks in advance you all! 😁