JojoD
04/12/2022, 8:35 AMuser
04/12/2022, 2:56 PMJincheng Yin
04/13/2022, 10:42 AMsudo fleetctl preview
?
System: MacOS Monterey. CPU: Intel
Error: Failed to install: download archive https://github.com/fleetdm/fleet/releases/download/fleet-v4.12.1/fleetctl_v4.12.1_macos.tar.gz: self signed certificate in certificate chainAlexander
04/13/2022, 1:48 PM1 devices @ $1.00/device/month
Billed anually at $12.00/yr
Next payment on Apr 13, 2023Should be annually.
Adam Kuncewitch
04/13/2022, 4:39 PMn8felton
04/13/2022, 5:12 PMSELECT version, COUNT(version) FROM os_version GROUP BY version;
that will tell me something like this for the whole fleet.
+---------+----------------+
| version | COUNT(version) |
+---------+----------------+
| 12.2.1 | 18 |
| 12.3.1 | 186 |
+---------+----------------+
Helder
04/13/2022, 6:46 PMryan
04/13/2022, 9:53 PMDan Achin
04/14/2022, 7:00 PMuser
04/15/2022, 5:07 PMryan
04/15/2022, 11:37 PMSELECT path FROM mdfind WHERE mdfind.query = "kMDItemFSName == '*.ovpn'"
but if I run the same query via fleet and it comes back with nothing? If I just query the path directly on the file table it finds the file so it's something specific about the mdfind
table, any ideas? FWIW it seems to work on some computers that are using launcher but I am using orbit if that matters?Artem
04/18/2022, 10:43 AMzwass
zwass
zwass
user
04/19/2022, 2:11 AMalessandrogario
user
04/20/2022, 3:21 AMuser
04/22/2022, 12:00 AMOjas
04/25/2022, 10:34 AMn0b00de
04/25/2022, 9:19 PMn0b00de
04/25/2022, 11:17 PMn0b00de
04/26/2022, 3:56 PMpvirani
04/26/2022, 4:01 PMosqueryd
and the container never gets enrolled successfully. Any ideas why? 🤔 (btw same error occurs upon running osqueryi
as well)
# osqueryd --verbose --tls_dump
I0426 15:59:05.960875 265 init.cpp:357] osquery initialized [version=5.2.3]
I0426 15:59:05.960927 265 init.cpp:364] Using default flagfile: /etc/osquery/osquery.flags.default
I0426 15:59:05.979229 265 system.cpp:354] Found stale process for osqueryd (157)
I0426 15:59:05.979316 265 system.cpp:386] Writing osqueryd pid (265) to /var/run/osqueryd.pidfile
I0426 15:59:05.979460 265 extensions.cpp:453] Could not autoload extensions: Cannot open file for reading: /etc/osquery/extensions.load
I0426 15:59:05.979648 265 dispatcher.cpp:78] Adding new service: WatcherRunner (0x55ba6f2c72d8) to thread: 140231381698112 (0x55ba6f2b4dc0) in process 265
I0426 15:59:05.980381 266 watcher.cpp:656] osqueryd watcher (265) executing worker (267)
I0426 15:59:05.986223 267 init.cpp:354] osquery worker initialized [watcher=265]
I0426 15:59:05.986275 267 init.cpp:364] Using default flagfile: /etc/osquery/osquery.flags.default
I0426 15:59:05.986357 267 dispatcher.cpp:78] Adding new service: WatcherWatcherRunner (0x5567575220d8) to thread: 140552803788352 (0x55675751a9d0) in process 267
I0426 15:59:05.986425 267 rocksdb.cpp:132] Opening RocksDB handle: /var/osquery/osquery.db
I0426 15:59:06.008972 267 dispatcher.cpp:78] Adding new service: ExtensionWatcher (0x5567575fef38) to thread: 140552259495488 (0x556757608310) in process 267
I0426 15:59:06.009070 267 dispatcher.cpp:78] Adding new service: ExtensionRunnerCore (0x5567575fed18) to thread: 140552267888192 (0x556757529ee0) in process 267
I0426 15:59:06.009122 366 interface.cpp:299] Extension manager service starting: /var/osquery/osquery.em
E0426 15:59:06.009130 267 shutdown.cpp:79] Cannot activate tls && --enroll_secret_path=/etc/osquery/osquery.secret && --enroll_tls_endpoint=/api/v1/osquery/enroll&& --config_tls_endpoint=/api/v1/osquery/config && --tls_hostname=<http://fleetdm.segment.com|fleetdm.segment.com> && --config_refresh=300 && --config_tls_accelerated_refresh=300 && --config_tls_max_attempts=9999 && --distributed_tls_read_endpoint=/api/v1/osquery/distributed/read && --distributed_tls_write_endpoint=/api/v1/osquery/distributed/write && --carver_start_endpoint=/api/v1/osquery/carve/begin && --carver_continue_endpoint=/api/v1/osquery/carve/block config plugin: Unknown registry plugin: tls && --enroll_secret_path=/etc/osquery/osquery.secret && --enroll_tls_endpoint=/api/v1/osquery/enroll&& --config_tls_endpoint=/api/v1/osquery/config && --tls_hostname=<http://fleetdm.segment.com|fleetdm.segment.com> && --config_refresh=300 && --config_tls_accelerated_refresh=300 && --config_tls_max_attempts=9999 && --distributed_tls_read_endpoint=/api/v1/osquery/distributed/read && --distributed_tls_write_endpoint=/api/v1/osquery/distributed/write && --carver_start_endpoint=/api/v1/osquery/carve/begin && --carver_continue_endpoint=/api/v1/osquery/carve/block
I0426 15:59:06.009331 267 dispatcher.cpp:149] Thread: 140552803806784 requesting a stop
I0426 15:59:06.009389 267 dispatcher.cpp:156] Service: 0x5567575220d8 has been interrupted
I0426 15:59:06.009459 267 dispatcher.cpp:156] Service: 0x5567575fef38 has been interrupted
I0426 15:59:06.009536 267 dispatcher.cpp:156] Service: 0x5567575fed18 has been interrupted
I0426 15:59:06.009622 267 dispatcher.cpp:122] Thread: 140552803806784 requesting a join
I0426 15:59:06.010021 267 dispatcher.cpp:140] Service thread: 0x556757529ee0 has joined
I0426 15:59:06.010056 267 dispatcher.cpp:140] Service thread: 0x556757608310 has joined
I0426 15:59:06.010100 267 dispatcher.cpp:140] Service thread: 0x55675751a9d0 has joined
I0426 15:59:06.010123 267 dispatcher.cpp:144] Services and threads have been cleared
E0426 15:59:08.981992 266 shutdown.cpp:79] Worker returned exit status
I0426 15:59:08.983098 265 dispatcher.cpp:149] Thread: 140231381716544 requesting a stop
I0426 15:59:08.983296 265 dispatcher.cpp:122] Thread: 140231381716544 requesting a join
I0426 15:59:08.983441 265 dispatcher.cpp:140] Service thread: 0x55ba6f2b4dc0 has joined
I0426 15:59:08.983824 265 dispatcher.cpp:144] Services and threads have been cleared
roberto
04/26/2022, 4:22 PMuser
04/26/2022, 5:45 PMkarthik
04/26/2022, 7:03 PMAdam Kuncewitch
04/27/2022, 1:42 AMArtem
04/27/2022, 1:27 PM535 5.7.8 Username and Password not accepted
when setting up SMTP settings in Fleet UI?
We use Google Workspace with our custom domain, I’ve enabled 2FA on service email account and generated application-specific password. When I set up SMTP config on Settings page, I don’t see any problems.
Using Chrome Dev Console I see such SMTP settings:
"smtp_settings": {
"enable_smtp": true,
"configured": true,
"sender_address": "<mailto:user@ourdomain.com|user@ourdomain.com>",
"server": "<http://smtp.gmail.com|smtp.gmail.com>",
"port": 587,
"authentication_type": "authtype_username_password",
"user_name": "<mailto:user@ourdomain.com|user@ourdomain.com>",
"password": "********",
"enable_ssl_tls": true,
"authentication_method": "authmethod_plain",
"domain": "",
"verify_ssl_certs": true,
"enable_start_tls": true
}
But when I try to invite new user to Fleet I see such error:
535 5.7.8 Username and Password not accepted. Learn more at\n5.7.8 <https://support.google.com/mail/?p=BadCredentials> i27-20020a1c541b000000b003928e866d32sm1520496wmb.37 - gsmtp
ryan
04/27/2022, 5:03 PM{"mysql":"could not connect to db: x509: cannot validate certificate for 1.1.1.1 because it doesn't contain any IP SANs
I can connect fine to the MYSQL instance from the server running fleet by adding the --ssl-cert --ssl-key and --ssl-ca
mysql:
address: 1.1.1.1:3306
database: fleetdm
username: user
password: ':)'
tls_ca: /etc/ssl/certs/server-ca.pem
tls_cert: /etc/ssl/certs/mysql-fleet-cert.pem
tls_key: /etc/ssl/certs/mysql-fleet-key.pem
server_name: 1.1.1.1
What am I missing?