A flexible control server for osquery fleets
Add stdout logging plugin.
Add AWS kinesis logging plugin.
Add compression option for filesystem logging plugin.
Add support for Redis TLS connections.
Add osquery host identifier to EnrollAgent logs.
Add osquery version information to output of fleetctl get hosts.
Add hostname to UI delete host confirmation modal.
Update osquery schema to 4.5.0.
Update osquery versions available in schedule query UI.
Update MySQL driver.
Remove support for (previously deprecated) old TLS profile.
Fix cleanup of queries in bad state. This should resolve issues in which users experienced old live queries repeatedly returned to hosts.
Fix output kind of fleetctl get options.
Please visit our update guide for upgrade instructions.
Documentation for this release can be found at https://github.com/kolide/fleet/blob/3.2.0/docs/README.md
sha256sum fleet.zip
547dab47de15ae02c6f891b1e36641595dac570af40daf7a776715320ff3e28c fleet.zip
Add configuration option to set Redis database (--redis_database).
Add configuration option to set MySQL connection max lifetime (--mysql_conn_max_lifetime).
Add support for printing a single enroll secret by name.
Fix bug with label_type in older fleetctl yaml syntax.
Fix bug with URL prefix and Edit Pack button.
Please visit our update guide for upgrade instructions.
As always, it is strongly recommended to back up the database before running migrations.
Documentation for this release can be found at https://github.com/kolide/fleet/blob/3.1.0/docs/README.md
sha256sum fleet.zip
6e5e8a733ce88c3506d7e637444cbfa34be702c1d9c5daf1625a2a19c5960398 fleet.zip
Backend performance overhaul. The Fleet server can now handle hundreds of thousands of connected hosts.
Pagination implemented in the web UI. This makes the UI usable for any host count supported by the backend.
Add capability to collect "additional" information from hosts. Additional queries can be set to be updated along with the host detail queries. This additional information is returned by the API.
Removed extraneous network interface information to optimize server performance. Users that require this information can use the additional queries functionality to retrieve it.
Add "manual" labels implementation. Static labels can be set by providing a list of hostnames with fleetctl.
Add JSON output for fleetctl get commands.
Add fleetctl get host to retrieve details for a single host.
Update table schema for osquery 4.4.0.
Add support for multiple enroll secrets.
Logging verbosity reduced by default. Logs are now much less noisy.
Fix import of github.com/kolide/fleet Go packages for consumers outside of this repository.
Please visit our update guide for upgrade instructions.
As always, it is strongly recommended to back up the database before running migrations.
Documentation for this release can be found at https://github.com/kolide/fleet/blob/3.0.0/docs/README.md
sha256sum fleet.zip
260336e6bf446ec492531c2e279ba58b3c676a126b9db8a90bf7c327f2d38526 fleet.zip
Add server logging for X-Forwarded-For header.
Add --osquery_detail_update_interval to set interval of host detail updates.
Set this (along with --osquery_label_update_interval) to a longer interval
to reduce server load in large deployments.
Fix MySQL deadlock errors by adding retries and backoff to transactions.
Please visit our update guide for upgrade instructions.
Documentation for this release can be found at https://github.com/kolide/fleet/blob/2.6.0/docs/README.md
sha256sum fleet.zip
4fe8065249ff153e5793d0566ae1cf1290569bcae8c96b4d30766464938ec2e9 fleet.zip
Add fleetctl goquery command to bring up the github.com/AbGuthrie/goquery CLI.
Add ability to disable live queries in web UI and fleetctl.
Add --query-name option to fleetctl query. This allows using the SQL from a saved query.
Add --mysql-protocol flag to allow connection to MySQL by domain socket.
Improve server logging. Add logging for creation of live queries. Add username information to logging for other endpoints.
Allow CREATE queries in the web UI.
Fix a bug in which fleetctl query would exit before any results were returned when latency to the Fleet server was high.
Fix an error initializing the Fleet database when MySQL does not have event permissions.
Deprecate "old" TLS profile.
Please visit our update guide for upgrade instructions.
Documentation for this release can be found at https://github.com/kolide/fleet/blob/2.5.0/docs/README.md
sha256sum fleet.zip
f609a992ddd7a09c70b94771d1995aa63bbaa772ce32d26a219d634de95e7a24 fleet.zip
Add --server_url_prefix flag to configure a URL prefix to prepend on all Fleet URLs. This can be useful to run fleet behind a reverse-proxy on a hostname shared with other services.
Add option to automatically expire hosts that have not checked in within a certain number of days. Configure this in the "Advanced Options" of "App Settings" in the browser UI.
Add ability to search for hosts by UUID when targeting queries.
Allow SAML IdP name to be as short as 4 characters.
Please visit our update guide for upgrade instructions.
Documentation for this release can be found at https://github.com/kolide/fleet/blob/2.4.0/docs/README.md
sha256sum fleet.zip
830e6ede3637f6d3794018cc6d054ffe2af997c29de2a79898fb795ee8e1f3a5 fleet.zip
Upgrade Go to 1.12.8 to fix CVE-2019-9512, CVE-2019-9514, and CVE-2019-14809.
Upgrade is recommended for all Fleet users to mitigate the HTTP DoS vulnerabilities fixed in Go 1.12.8.
Add capability to export packs, labels, and queries as yaml in fleetctl get with the --yaml flag. Include queries with a pack using --with-queries.
Modify email templates to load image assets from Github CDN rather than Fleet server (fixes broken images in emails when Fleet server is not accessible from email clients).
Add warning in query UI when Redis is not functioning.
Fix minor bugs in frontend handling of scheduled queries.
Minor styling changes to frontend.
Please visit our update guide for upgrade instructions.
Documentation for this release can be found at https://github.com/kolide/fleet/blob/2.2.0/docs/README.md
sha256sum fleet.zip
88fd48b5ee605fddafb3fff9b28ea2bee44632b4ad8a6215a424c8a96115c5a2 fleet.zip
Add GCP PubSub logging plugin. Thanks to Michael Samuel for adding this capability.
Improved escaping for target search in live query interface. It is now easier to target hosts with + and - characters in the name.
Server and browser performance improvements by reduced loading of hosts in frontend. Host status will only update on page load when over 100 hosts are present.
Utilize details sent by osquery in enrollment request to more quickly display details of new hosts. Also fixes a bug in which hosts could not complete enrollment if certain platform-dependent options were used.
Fix a bug in which the default query runs after targets are edited.
Please visit our update guide for upgrade instructions.
Documentation for this release can be found at https://github.com/kolide/fleet/blob/2.2.0/docs/README.md
sha256sum fleet.zip
ca6147efcfd8f31184445f20cc843240252d6ef81bae05312f902e4c59167eea fleet.zip
This advisory only effects installations using the LOGIN authentication method for SMTP (added in Fleet 2.0.2).
The implementation of LOGIN auth could expose SMTP credentials over an insecure connection if the server did not claim to support STARTTLS. This could allow an attacker to sniff or MITM SMTP traffic and obtain the credentials.
Effected users should immediately update to Fleet 2.1.2 and rotate the effected SMTP credentials.
Prevent sending of SMTP credentials over insecure connection
Prefix generated SAML IDs with 'id' (improves compatibility with some IdPs)
Please visit our update guide for upgrade instructions.
Documentation for this release can be found at https://github.com/kolide/fleet/blob/2.1.1/docs/README.md
Automatically pull AWS STS credentials for Firehose logging if they are not specified in config.
Fix bug in which log output did not include newlines separating characters.
Fix bug in which the default live query was run when navigating to a query by URL.
Update logic for setting primary NIC to ignore link-local or loopback interfaces.
Disable editing of logged in user email in admin panel (instead, use the "Account Settings" menu in top left).
Fix a panic resulting from an invalid config file path.
Please visit our update guide for upgrade instructions.
Documentation for this release can be found at https://github.com/kolide/fleet/blob/2.1.1/docs/README.md