• j

    Jdotmac

    2 years ago
    @zwass - I was hoping to avoid dependencies in the Powershell module code and access kolide directly. I haven’t tried wrapping PS around fleetctl on windows though. Will the kolide API allow for running live queries?
  • zwass

    zwass

    2 years ago
    Sure, you can run live queries with the Fleet API. That's what the Fleet frontend and
    fleetctl
    do. You can search for old threads in #kolide where I tried to point folks towards those implementations.
  • j

    Jdotmac

    2 years ago
    Thanks! I was able to get something working pretty quickly. I’ll check out #kolide for Live Query examples (as I only tired GETs)
  • zwass

    zwass

    2 years ago
    For the live query you need to open a websocket and reauth for the result stream. It's not quite as simple but it's nothing crazy.
  • Please post your code when you finish if you are able to.
  • j

    Jdotmac

    2 years ago
    Cool thanks for pointing me in the right direction. Haven’t had a chance to try yet but I see from the JS client example how to go about it. I can post a sample in this channel tomorrow
  • I’m still struggling with this a bit. When setting up the websocket in C# I’m required to provide a wss😕/ scheme url but can’t seem to find what url I should use. I’m seen other implementations that create a tcp connection and send over a special header asking for a connection upgrade but wasn’t working for me. Any ideas?
  • zwass

    zwass

    2 years ago
  • j

    Jdotmac

    2 years ago
    Ah perfect. Thanks again!