Commit Graph

6786 Commits

Author SHA1 Message Date
Marcos Oviedo
88a9d67e8a
Ensuring MDM management stack initialization is done (#9928)
This relates to #9310 


This PR introduces changes to ensure that MDM management stack is ready
(required for first-time exec on brand-new machines). The PR also removes unnecessary info on the error messages
2023-02-20 11:43:35 -03:00
Lucas Manuel Rodriguez
03a588d65d
Allow tls_dump in agent settings (#9916)
This allows for configuring `tls_dump` in the agent settings under
`options` and under `command_line_flags`:
![Screenshot 2023-02-17 at 17 01
33](https://user-images.githubusercontent.com/2073526/219781091-af3f8f90-5ed3-4e53-aa3e-edc66750b3d1.png)
2023-02-20 11:24:12 -03:00
Zach Wasserman
7fa739889d
Add 'Get Crowdstrike Falcon network content filter status' to query library (#9931) 2023-02-17 20:16:28 -08:00
Luke Heath
13e821d059
Prepare for 4.27.1 (#9885) 2023-02-17 19:19:02 -08:00
Mike McNeil
6fdb55834f
Training is important (#9937) 2023-02-17 20:14:02 -06:00
Mike McNeil
5adc070bd4
Change DRI for standard query library (#9936)
based on github.com/fleetdm/fleet/pull/9931

.
2023-02-17 19:38:25 -06:00
Eric
49c694e676
Website: update GitHub webhook to tolerate failed Merge Freeze requests (#9934)
Changes:
- Updated the `receive-from-github` webhook to tolerate failed requests
to the Merge Freeze API. If a request fails, the webhook logs a warning
and continues as if the main branch is not frozen.

---------

Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
2023-02-17 19:37:58 -06:00
Mike McNeil
7eda0847e3
Route /jobs to /handbook/company#open-positions (#9929)
https://fleetdm.com/apply
now points to https://fleetdm.com/jobs 
which now points to https://fleetdm.com/handbook/company#open-positions
2023-02-17 17:44:15 -06:00
Zach Wasserman
2c66547b72
Give Vanta empty drives array when we don't know about encryption (#9918)
Vanta doesn't like undefined/null values for the encryption status.
Hopefully it will accept an empty array.
2023-02-17 14:40:30 -06:00
Mike McNeil
545a383558
Friendlier (#9917)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-02-17 14:27:12 -06:00
Roberto Dip
f6b86a55d9
Use dynamic serial numbers in osquery-perf (#9904)
This helps with MDM local testing as serial numbers play a big role.
2023-02-17 17:10:49 -03:00
Roberto Dip
5a09ac0bfc
refactor how we send Fleet initiated MDM commands (#9903)
https://github.com/fleetdm/fleet/issues/9590

- move the logic to send commands into its own service method that can
be used internally by cron jobs and other services.
- deprecate the use of `rawEnqueueCommand` as it's copyied from the
nanomdm codebase where it's used in other context as a general command
API handler
2023-02-17 16:26:51 -03:00
gillespi314
345a1f4c36
Update docs with permissions for MDM configuration profiles (#9906) 2023-02-17 13:26:39 -06:00
Zach Wasserman
c99d7677e7
Skip setting details for pending enrollment MDM hosts (#9911) 2023-02-17 10:56:08 -08:00
Eric
753d200e45
Website: Update Vanta integration script error logging (#9910)
Changes:
- Changed the message logged when a Vanta integration has an error to a
warning so our Papertrail alerts will be triggered whenever a Vanta
integration has an error.
2023-02-17 12:28:17 -06:00
Roberto Dip
314e8fe3d5
standardize a default value for empty cells (#9899) 2023-02-17 15:25:28 -03:00
Zach Wasserman
e4141e68b0
Support hosts with no software in Vanta integration (#9909) 2023-02-17 10:06:31 -08:00
Zach Wasserman
7cb51d7ba2
Change reporting of MFA to Vanta for API-only users (#9896)
The intention is to have Vanta stop showing warnings for missing MFA on
API-only users. It's not clear if setting `UNSUPPORTED` is the correct
solution, but it does seem more accurate than setting the `mfaEnabled`
to `true`.
2023-02-17 08:49:20 -08:00
Lucas Manuel Rodriguez
1f97514200
Only set public IPs on host.public_ip and add docs (#9900)
#9857

The "Public IP address" field is sometimes set to a "Private IP" on the
following types of Fleet deployments:
- Local deployments.
- Deployments where Fleet is on a private network.
- Deployments where an agent connects to Fleet not via the public
internet.

This PR will prevent a private IP to be set on the `host.public_ip`
field.
And this PR also adds documentation on how Fleet deduces the public IPs
of the devices so that a user can make the changes to fix this.

- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- ~[ ] Documented any permissions changes~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- ~[ ] Added/updated tests~
- [X] Manual QA for all new/changed functionality
  - ~For Orbit and Fleet Desktop changes:~
- ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.~
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-02-17 13:00:56 -03:00
gillespi314
086964726d
Add API endpoints for MDM config profiles (#9817)
Issue #9586

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2023-02-17 09:28:28 -06:00
Benjamin Edwards
0db432f7e3
vuln processing distinct command (#9813)
closes https://github.com/fleetdm/fleet/issues/3723

Add new vuln processing command, configs, and documentation on how to utilize.
2023-02-17 10:00:57 -05:00
RachelElysia
c21d592fe1
Fleet UI: Default policies preselect targeted platforms only (#9861) 2023-02-17 08:48:40 -05:00
Mike McNeil
ad5229ddfa
Avoid confusing what is and isn’t a department + punctuation (#9897)
# Checklist for submitter

.
If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-02-16 21:23:54 -06:00
Eric
4142d591f3
Website: Update <call-to-action> component and article formatting guide (#9892)
Changes:
- Changed the name of the `type` prop of the `<call-to-action>`
component to `preset`
- Updated `<call-to-action>` components in articles to use the new prop
name
- Updated the article formatting guide in the Handbook to document how
to use a `<call-to-action>` preset and added examples of our two
presets.
2023-02-16 18:13:00 -06:00
Mike McNeil
f1c3aca5e3
/imagine/unused-software (#9893)
Stub for landing page.

@jarodreyes will take it from here (but i'll go ahead and merge)
2023-02-16 18:11:56 -06:00
Noah Talerman
070f551070
MDM docs: Add supported macOS versions (#9887)
- Fleet supports MDM features on macOS 12+
2023-02-16 16:39:35 -05:00
Katheryn Satterlee
717f79f279
Update Fleet-desktop.md (#9891)
Add note for self-remediation
2023-02-16 15:23:54 -06:00
Mike McNeil
008c945b75
Fix handbook link (#9890)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-02-16 14:48:16 -06:00
Eric
c4786aa718
Website: Update symbol used for pricing page footnote (#9889) 2023-02-16 14:31:14 -06:00
Robert Fairburn
78fd5f2971
Initial terraform monitoring addon module (#9864) 2023-02-16 14:30:08 -06:00
Lucas Manuel Rodriguez
b757e447bc
Fix private IP ingestion in network_interface_unix and network_interface_windows. (#9884)
#8924

This is reproduced in dogfood for `dogfood-centos-box` and
`dogfood-ubuntu-box` where their "Private IP" is also their "Public IP".
Given that these hosts have their "Primary IP" configured to be their
"Public IP" alongside their "Private IP", the `network_interface_unix`
and `network_interface_windows` queries are now changed to ingest only
private IPs for the "Private IP" field.

- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- ~[ ] Documented any permissions changes~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- ~[ ] Added/updated tests~
- [X] Manual QA for all new/changed functionality
  - ~For Orbit and Fleet Desktop changes:~
- ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.~
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-02-16 17:16:40 -03:00
Mike McNeil
b3e9db8789
Add CTA to apply to Fleet, swapped with company page for visibility (#9880)
.
2023-02-16 13:58:50 -06:00
Zach Wasserman
991858d6d5
Pull go version from GitHub variables for Fleet release builds (#9883) 2023-02-16 11:52:09 -06:00
Luke Heath
92caf4037e
Apply styling to empty states in select query modal (#9871) 2023-02-16 11:32:53 -06:00
Katheryn Satterlee
e4a8bf4130
Add note about Orbit host identifier (#9882)
Added a note reccomending `uuid` as host identifier when using Fleet
generated packages. Resolves #9033
2023-02-16 11:03:48 -06:00
Andrew Baker
1187050605
Update fleet-4.27.0.md (#9832)
Added a note concerning the changes to osquery packs

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-02-16 12:03:40 -05:00
Martin Angers
4a1f3988f0
Add "edited macos profiles" activity when applying custom settings via fleetctl (#9862)
#9587 and #9639
2023-02-16 13:53:26 -03:00
Mike McNeil
2e6786f8c4
Handbook: Fix heading indentation (sprung a leak) (#9879) 2023-02-16 08:02:29 -06:00
Mike McNeil
aea6dca51a
handbook: trivial linkage (#9878)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-02-16 07:54:06 -06:00
Mike McNeil
477d753af5
Consolidate "Tools we use" plus some todos and other improvmenets (#9877)
. . .
2023-02-16 07:50:17 -06:00
Mike McNeil
50b9b43e31
Auto-approvals: fleetdm/confidential: Add free-for-all/ folder and fi… (#9876)
…x broken piece

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-02-16 07:38:04 -06:00
Mike McNeil
321c34033a
Add autoapprovers for business process issue templates (#9875)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
 
.
2023-02-16 06:01:06 -06:00
Mike McNeil
93a225cb1e
Pull human interest stuff to the top, plus trim back some things, var… (#9874)
…ious improvements
2023-02-16 05:07:52 -06:00
Mike McNeil
7a8d5b26ba
Combine "why open source" and "why the focus on openness" into a sing… (#9873)
…le section
2023-02-16 05:07:38 -06:00
Luke Heath
9cf0cac674
Restyle actions dropdown on host details (#9865)
Apply styling as directed in Figma for #8709
2023-02-16 10:32:06 +00:00
TomOstertag
ca7e907659
Handbook; Scrum Section Typos (#9387)
Charlie led onboarding we fixed some typos.
2023-02-15 23:50:11 -06:00
Paul Dittmer
87ff12a3fc
Handbook: Sales deck updated (#9446)
Handbook:  Sales deck updated link to reflect Q1 2023
2023-02-15 23:47:15 -06:00
Luke Heath
e822c7e1db
Update engineering handbook (#9729) 2023-02-15 23:45:37 -06:00
Mike McNeil
6a1a6f48c2
Adjust DRI for content style guide and add guidance about how to use fleets (#9869) 2023-02-15 23:44:55 -06:00
Andrew Baker
7fb3526919
Fix when loaded from /compliance/ (#9868)
Page works on /compliance but images don't load on /compliance/

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-02-15 17:54:47 -06:00