Commit Graph

218 Commits

Author SHA1 Message Date
noahtalerman
b283767574
Add file carve endpoints and remaining user endpoints to REST API docs (#346)
The endpoint included in these changes:
- /api/v1/kolide/carves GET
- /api/v1/kolide/carves/{id} GET
- /api/v1/kolide/users/{id} PATCH
- /api/v1/kolide/users/{id}/enable POST
- /api/v1/kolide/users/{id}/admin POST
- /api/v1/kolide/users/{id}/require_password_reset POST
- /api/v1/kolide/users/{id}/sessions GET
- /api/v1/kolide/users/{id}/sessions DELETE
2021-02-25 11:43:15 -08:00
Zach Wasserman
de0b3324b1
Add AWS Lambda as logging plugin (#347)
This plugin invokes the provided function with each log line as the
payload.

Closes #342
2021-02-24 10:02:26 -08:00
noahtalerman
e8b510a108
Edit /hosts and /labels endpoints in API docs (#280)
- Add query parameter to the /api/v1/fleet/hosts endpoint and edit the example request and response.
- Add query parameter to the /api/v1/fleet/labels/{id}/hosts endpoint
These changes support the ability to perform a search on the Hosts table by hostname, machine_serial, and ipv4.
2021-02-24 09:55:48 -08:00
Mike McNeil
2b1b8c8a2b
typofix 2021-02-22 16:42:30 -06:00
noahtalerman
3ccd624ee1
Add /targets endpoint to REST API docs. (#331)
This PR is part of the Complete documentation for Fleet API project #43.

The endpoint included in these changes:
- `POST api/v1/fleet/targets`

Additional changes:
- Now order_key and order_direction are included in the parameters table for endpoints that support them. Fixes #326
- Change endpoints to `api/v1/fleet` naming
2021-02-18 12:54:06 -08:00
noahtalerman
8438278ba3
Add instructions for moving queries and packs from one Fleet env to another (#307)
Add documentation that includes lean instructions for exporting queries and packs from one Fleet environment and importing them in another.
2021-02-16 14:48:19 -08:00
Mike Thomas
8713daf44f
Update 1-Building-Fleet.md (#314)
Add correct Docker link to Building Fleet doc.
2021-02-15 11:22:43 -08:00
Mike Thomas
7bfce469de
Update 1-Building-Fleet.md (#313)
Added text to clarify that a new terminal tab should be opened after making changes to bash profile.
2021-02-15 11:21:57 -08:00
Zach Wasserman
d624e099fb
Deprecate environment variable prefix (#301)
- Support both `FLEET_` and `KOLIDE_` prefixes.
- Add logging about deprecated `KOLIDE_` prefix.
- Update documentation and sample configs.
2021-02-11 15:36:58 -08:00
noahtalerman
300854ead9
Add labels endpoint to REST API docs (#294)
This PR is part of the Complete documentation for Fleet API project #43.

The endpoints included in these changes:
- /labels POST
- /labels/{id} PATCH
- /labels/{id} GET
- /labels GET
- /labels/{id}/hosts GET
- /labels/{name} DELETE
- /labels/id/{id} DELETE
- /spec/labels POST
- /spec/labels GET
- /spec/labels/{name} GET
2021-02-11 08:38:31 -08:00
Zach Wasserman
7a68e3de65
Deprecate /api/v1/kolide routes (#297)
- Support both /api/v1/fleet and /api/v1/kolide routes in server.
- Add logging for use of deprecated routes.
- Rename routes in frontend JS.
- Rename routes and add notes in documentation.
2021-02-10 12:13:11 -08:00
Mike McNeil
170a85aa9c
Dedupe and cut back on some verbiage in auth docs, fix typo (#277) 2021-02-09 16:38:18 -08:00
Zach Wasserman
e2e7e4707d
Update database migration tooling (#281)
- Use updated github.com/fleetdm/goose that generates templates
  requiring less editing.
- Add `make migration` to Makefile.
- Update documentation.
2021-02-05 09:48:06 -08:00
Zach Wasserman
78c3b120e2
Add documentation for committing changes (#278)
Replaces documentation on ADRs which are not currently used.
2021-02-05 09:47:32 -08:00
Zach Wasserman
ffd99ae9b7
Update release instructions (#275) 2021-02-04 09:09:39 -08:00
Zach Wasserman
ddb05cce94
Change default TLS compatibility to intermediate (#270)
In #212 these settings were updated and caused connectivity issues for
users in common environment configurations. The new changes are
aggressive (modern enforces TLS 1.3) and Mozilla indicates that
intermediate is an appropriate default. This will ensure better
compatibility for common deployments while still allowing the option to
use the strictest settings.

Document unintentional mismatched yaml key.

Fixes #269
2021-02-03 11:48:48 -08:00
Zach Wasserman
a9c0c472fc
Update Kolide to Fleet as appropriate in documentation (#263) 2021-02-02 12:16:59 -08:00
Zach Wasserman
8fcd14b394
Add --dev flag and change docker defaults (#251)
- Add --dev flag that will set default flag values. This simplifies the
  invocation of Fleet in a development environment.
- Change defaults in docker-compose to use `fleet` in place of `kolide`.
-  Skip prompt in `prepare db` when `--dev` specified.
- Update developer documentation.

Updates to MySQL configuration in docker-compose.yml may require
existing development containers and volumes to be deleted (this will
delete data in MySQL):

```shell
docker-compose rm -sf
docker volume rm fleet_mysql-persistent-volume
```

Closes #170
2021-02-01 18:14:16 -08:00
Gabe Hernandez
5816f4f051
Update build-fleet.md with chrome bug note and new link (#256) 2021-02-01 16:27:00 +00:00
Mike McNeil
b39d1f26cf
typofix in docs 2021-01-31 23:01:21 -06:00
noahtalerman
54f46b944e
Add packs endpoints docs to REST API docs (#242)
Reformat the anchor links for specific endpoints by moving these links to their respective sections.

The endpoints included in these changes:
- /api/v1/kolide/packs POST
- /api/v1/kolide/packs/{id} PATCH "modify_pack"
- /api/v1/kolide/packs/{id} GET "get_pack"
- /api/v1/kolide/packs GET "list_packs"
- /api/v1/kolide/packs/{name} DELETE "delete_pack"
- /api/v1/kolide/packs/id/{id} DELETE "delete_pack_by_id"
- /api/v1/kolide/packs/{id}/scheduled GET "get_scheduled_queries_in_pack"
- /api/v1/kolide/schedule POST "schedule_query"
- /api/v1/kolide/schedule/{id} GET "get_scheduled_query"
- /api/v1/kolide/schedule/{id} PATCH "modify_scheduled_query"
- /api/v1/kolide/schedule/{id} DELETE "delete_scheduled_query"
- /api/v1/kolide/spec/packs POST "apply_pack_specs"
- /api/v1/kolide/spec/packs GET "get_pack_specs"
- /api/v1/kolide/spec/packs/{name} GET "get_pack_spec"
2021-01-28 15:40:49 -08:00
noahtalerman
0755b31d40
Add queries endpoints to REST API docs. (#218)
The endpoints included in these changes:
- /api/v1/kolide/queries/{id} GET
- /api/v1/kolide/queries/{id} PATCH
- /api/v1/kolide/queries/{name} DELETE
- /api/v1/kolide/queries GET
- /api/v1/kolide/queries POST
- /api/v1/kolide/queries/id/{id} DELETE
- /api/v1/kolide/spec/queries POST
- /api/v1/kolide/spec/queries GET
- /api/v1/kolide/spec/queries/{name} GET
- /api/v1/kolide/queries/run POST
- /api/v1/kolide/queries/run_by_names POST
2021-01-25 17:27:24 -08:00
noahtalerman
02eb844a50
Add remaining hosts endpoints. Add osquery options endpoints. (#213)
The endpoints included in these changes:
- /api/v1/kolide/host_summary GET
- /api/v1/kolide/hosts/{id} GET
- /api/v1/kolide/hosts/identifier/{identifier} GET
- /api/v1/kolide/hosts/{id} DELETE
- /api/v1/kolide/spec/osquery_options POST
- /api/v1/kolide/spec/osquery_options GET
2021-01-25 17:09:11 -08:00
Zach Wasserman
c7dfeeb90c
Update tls_compatibility settings to match Mozilla (#212)
Mozilla's recommended settings have changed since this was last updated.
We now link directly to the relevant revision in the Mozilla wiki to
avoid confusion if this is updated.
2021-01-20 08:34:14 -08:00
noahtalerman
c948bd1dc5
Add Fleet configuration endpoint documentation to REST API docs. (#199)
This PR is part of the Complete documentation for Fleet API project #43.

The endpoints included in these changes:
- /api/v1/kolide/config/certificate GET
- /api/v1/kolide/config GET
- /api/v1/kolide/config PATCH
- /api/v1/kolide/spec/enroll_secret POST
- /api/v1/kolide/spec/enroll_secret GET
- /api/v1/kolide/invites POST
- /api/v1/kolide/invites GET
- /api/v1/kolide/invites/{id} DELETE
- /api/v1/kolide/invites/{token} GET
2021-01-15 10:53:34 -08:00
noahtalerman
6196859bc5
Add allow insecure local host flag instructions to contributor docs. (#179)
In contributor docs, mention chrome://flags/#allow-insecure-localhost.
2021-01-07 12:04:41 -08:00
Kyle Knight
bb5b84659f
Update 3-Adding-hosts.md (#174)
Updating some verbiage, correcting link to Kolide's launcher docs, and fixing typo in code snippet
2021-01-05 12:13:29 -08:00
noahtalerman
cf9146eea2
Add additional documentation on how the osquery configuration overrides option works. (#163)
- Quick attempt to alleviate potential confusion for how the osquery configuration overrides option works
- Leave in the commented explanation in the sample yaml file
2021-01-04 13:55:43 -08:00
noahtalerman
715d7b44e2
Fix markdown link check CI action. (#169)
- Split the array of objects to separate objects for each pattern in ignorePatterns. Rename the key in each object to "pattern." The documentation for the example config file is poor.
- Add hello@fleetdm.com and /server/datastore/mysql/migrations/ to ignorePatterns
- Add 999 to aliveStatucCodes (Seems to be a LinkedIn edge case)
- Fix all broken markdown links
2021-01-04 13:55:05 -08:00
noahtalerman
72637d649b
Update links to new documentation locations. (#164)
- Add correct links to the new docs locations for links within the Fleet UI and Fleet documentation.
Fixes #157.
2021-01-04 08:53:23 -08:00
CptOfEvilMinions
626429c38e
Added support to read jwt and mysql password from a file (#141)
The current implementation of FleetDM doesn't support Docker secrets for supplying the MySQL password and JWT key. This PR provides the ability for a file path to read in secrets. The goal of this PR is to avoid storing secrets in a static config or in an environment variable. 

Example config for Docker:
```yaml
mysql:
  address: mysql:3306
  database: fleet
  username: fleet
  password_path: /run/secrets/mysql-fleetdm-password
redis:
  address: redis:6379
server:
  address: 0.0.0.0:8080
  cert: /run/secrets/fleetdm-tls-cert
  key: /run/secrets/fleetdm-tls-key
auth:
  jwt_key_path: /run/secrets/fleetdm-jwt-key
filesystem:
  status_log_file: /var/log/osquery/status.log
  result_log_file: /var/log/osquery/result.log
  enable_log_rotation: true
logging:
  json: true
```
2021-01-04 07:58:43 -08:00
Zach Wasserman
6a3c511eca
Update developer docs (#159)
- Separate migration documentation from build.
- Add link to server on localhost after setup.
2020-12-30 15:20:02 -08:00
noahtalerman
5ae69fdb43
Capitalize Fleet in "Using Fleet" folder name. (#150)
"Fleet" is now capitalized in the folder name for 1-Using-Fleet.md.
2020-12-24 14:45:43 -08:00
noahtalerman
d5f3a70152
Part 3 of documentation restructure. Contribution section. (#149)
This PR includes the Contribution section of the documentation restructure #144.
2020-12-24 14:33:03 -08:00
noahtalerman
f9eae5e747
Part 2 of documentation restructure. Using Fleet section. (#148)
This PR includes the Using Fleet section of the documentation restructure #144.
It shouldn't be merged until changes are approved for the entire restructuring (part 1, part 2, and part 3).

Update the naming convention for the files to number prefixes.
2020-12-24 14:12:44 -08:00
noahtalerman
fa6ac424ca
Part 1 of documentation restructure. Deployment section. (#147)
This PR includes the Deployment section of the documentation restructure #144.

- Changes include the addition of 3 overarching folders/sections named Deployment, Using fleet, and Contribution guide. Each folder includes new files for the subsections.
- Move the copy from the appropriate files into the new files in the Deployment folder. Removed old files. A detailed outline of the exact old files can be found in the linked issue above.
- Add navigation to the top of each file via links to anchors in the markdown.

The naming convention for each folder and file is up for discussion. I chose to use number prefixes (1, 2, 3) to order the folders and files. This way we have control over the order when viewing on GitHub.
2020-12-24 14:00:22 -08:00
noahtalerman
19816cee1a
Add help text within user actions dropdown menu. Update copy in API documentation. (#142)
- Add help text within dropdown in smaller font size underneath "Require password reset" saying "This will revoke all active Fleet API tokens for this user."
- Update API docs to use "API token" parlance instead of "Auth token"
2020-12-21 15:47:35 -08:00
noahtalerman
e9a77cc64a
Add information on datastore options in Fleet to FAQ. (#136) 2020-12-16 16:20:38 -08:00
noahtalerman
d4780770e0
Update question on fleet performance in FAQ. (#135)
Add copy to Fleet stress test question in infrastructure FAQ.
2020-12-16 16:14:40 -08:00
Matteo Piano
c89cd370d5
Add AWS S3 as file carving backend (#126)
This adds the option to set up an S3 bucket as the storage backend for file carving (partially solving #111).

It works by using the multipart upload capabilities of S3 to maintain compatibility with the "upload in blocks" protocol that osquery uses. It does this basically replacing the carve_blocks table while still maintaining the metadata in the original place (it would probably be possible to rely completely on S3 by using object tagging at the cost of listing performance). To make this pluggable, I created a new field in the service struct dedicated to the CarveStore which, if no configuration for S3 is set up will be just a reference to the standard datastore, otherwise it will point to the S3 one (effectively this separation will allow in the future to add more backends).
2020-12-16 09:16:55 -08:00
Ahmed Musaad
dc2befaa87
Add documentation for user API endpoints (#114)
@ahmedmusaad added documentation for the following API endpoints:

/api/v1/kolide/users GET
/api/v1/kolide/users POST
/api/v1/kolide/users/admin POST
/api/v1/kolide/users/{id} GET
2020-12-14 08:55:15 -08:00
Zach Wasserman
6f6464f206
Migrate remaining URLs to fleetdm.com (#116) 2020-12-10 11:26:00 -08:00
linsihao7788
3ce7351049
Fix JSON in rest-endpoints.md (#110) 2020-12-08 19:22:01 -08:00
Zach Wasserman
30a0dfc1e1
Fix and clarify API auth documentation (#109)
- Fix header name.
- Add note about SSO auth.
2020-12-08 17:44:26 -08:00
Zach Wasserman
9279e59628
Default to --host_identifier=instance in docs (#103)
This may be a better default for folks to use as it will prevent the
issues caused by duplicate UUIDs in #102.
2020-12-07 15:43:08 -08:00
noahtalerman
392a032141
Add question and answer stub for monitoring query performance to FAQ. (#84)
Question and tentative answer for "How do I monitor the performance of my queries?" added to infrastructure FAQ.
2020-12-03 14:46:56 -05:00
Zach Wasserman
9606196feb
Minor improvements in the FAQ (#93) 2020-12-03 08:41:38 -08:00
Zach Wasserman
698b8ab882
Add FAQ question about resetting auth tokens (#92)
Related to #89
2020-12-03 08:41:23 -08:00
Zach Wasserman
47b4f07afb
Add documentation on Fleet performance (#86)
- Document scaling.
- Document debugging steps/tools.
- Update issue template to request debug archive.
2020-12-02 09:46:02 -08:00
Zach Wasserman
7d299ca6f7
Add fleetctl.exe.zip to release process (#80)
Closes #56
2020-12-02 08:24:34 -08:00