Just a thing I ran in to regarding

Question

Just a thing I ran in to regarding <https fleetdm com docs deploying faq what api endpoints should i expose to the public internet> It doesn t mention ` api osquery log` which is where the scheduled queries packs etc return to by default Not sure why its not ` api v1 osquery log` or something

Kathy Satterlee · Answer

Hey < chrismsnz> It s generally recommended to use the ` api v1 ` formatting for endpoints There are some changes in the works for the API that are slowly being implemented so some endpoints will work without the version but all endpoints will work with the version specified Both ` api v1 osquery log` and ` api osquery log` will work I see that we ve got some references to ` api osquery log` in the configuration documentation I ll get that updated to use the standard endpoint

chrismsnz · Answer

Ah ok they both work I ll change the agent config then Thanks

Kathy Satterlee · Answer

Any time

chrismsnz · Answer

I dont remember changing this file so i suspect it s fleet s out of the box agent config

Kathy Satterlee · Answer

I m going to run that part up the flagpole slightly smiling face

Kathy Satterlee · Answer

Just an FYI this has spurred some internal discussion We ll be moving everything in the docs and the default flag files for Orbit to use the ` api osquery ` endpoints and updating the docs to reflect that The versioned endpoint will still work and I ll make sure that s called out in the docs as well for backward compatibility

chrismsnz · Answer

Sweet thanks for the update will keep it in mind going forward