empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-06 08:55:24 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update endpoints for osquery (#10012)

Browse Source 
Added `/api/osquery` to the list of endpoints to expose to public
internet.
This commit is contained in:
Katheryn Satterlee 2023-02-22 10:22:09 -06:00 committed by GitHub
parent 407d05eab9
commit ed20ff44c1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/Deploying/FAQ.md
View File

@ -177,9 +177,12 @@ Check out the [documentation on running database migrations](https://fleetdm.com
## What API endpoints should I expose to the public internet?
If you would like to manage hosts that can travel outside your VPN or intranet we recommend only exposing the `/api/v1/osquery` endpoint to the public internet.
If you would like to manage hosts that can travel outside your VPN or intranet we recommend only exposing the osquery endpoints to the public internet:
If you are using Fleet Desktop and want it to work on remote devices, the bare minimum API to expose is `/api/latest/fleet/device/*/desktop`. This minimal endpoint will only provide the number of failing policies.
- `/api/osquery`
- `/api/v1/osquery`
If you are using Fleet Desk, top and want it to work on remote devices, the bare minimum API to expose is `/api/latest/fleet/device/*/desktop`. This minimal endpoint will only provide the number of failing policies.
For full Fleet Desktop functionality, `/api/fleet/orbit/*` and`/api/fleet/device/ping` must also be exposed.
@ -187,7 +190,6 @@ If you would like to use the fleetctl CLI from outside of your network, the foll
- /api/setup
- /api/v1/setup
- /api/osquery/*
- /api/latest/fleet/*
- /api/v1/fleet/*