fleet/articles/fleet-4.21.0.md
Marko Lisica 669be3a53c
Enroll hosts docs improvements (#14862)
Summary:
- Enroll hosts page refinement
- Since page was too long and had a lot of content I did following:
    - Moved most important sections to the top
- Did some changes to make things more consistent, when possible having
UI and CLI sections with steps (ordered list)
- Moved `Add hosts with plain osquery` to contributor docs, since I
learned this approach is used just by couple of Fleet customers, and we
don't advise this as best practice anymore
- Added overview (table of contents) on the top to make easier to
navigate through the page
- Moved some technical (advanced) topics into separate section on the
bottom of the page

---------

Co-authored-by: Noah Talerman <noahtal@umich.edu>
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Co-authored-by: Rachael Shaw <r@rachael.wtf>
2023-11-20 19:39:41 +01:00

5.0 KiB
Raw Blame History

Fleet 4.21.0 | Validate config and teams YAML documents, manage osquery flags remotely with Orbit, view team and global policy compliance

Fleet 4.21.0 release

Fleet 4.21.0 is up and running. Check out the full changelog or continue reading to get the highlights.

For upgrade instructions, see our upgrade guide in the Fleet docs.

Highlights

  • Validate config and teams YAML documents.
  • Manage osquery flags remotely with Orbit.
  • View team and global policy compliance.

Validate config and teams YAML documents

Available in Fleet Free and Fleet Premium

Fleet 4.21.0 has validation for all keys and values in the config and teams YAML documents. Fleet now notifies you if any required keys are missing. Fleet also verifies that all values in the documents are the right type. Values under agent_options are based on the latest osquery.

Fleet will send you an error message if validation fails when running fleetctl apply with YAML documents. Fleet wont try to set any configuration settings or send new agent_options to hosts if an error occurs.

You can test changes to config or teams YAML documents locally using a fleetctl apply --dry-run command. Youll receive an error message if validation fails. Fleet wont try to set configuration settings or send new agent_options to hosts.

Youll also have the ability to bypass validation. Use a --force flag to bypass all validation checks and apply the given config.

In addition to validating required keys and the type of document values, Fleet makes sure the value is valid for the config option when possible. For example, Fleet now detects when logger_tls_endpoint is not a path starting with /. Applying such a path would prevent osquery from talking to the right Fleet instance.

Manage osquery flags remotely with Orbit

Available in Fleet Free and Fleet Premium

Manage osquery flags remotely with Orbit

Admins used to need a software orchestration tool (e.g., Chef) to deploy new osquery flags to the end user. Now, you can specify new flags in Fleet — and Orbit will restart osquery with the appropriate flags.

Orbit regularly checks flags from Fleet according to the distributed_interval setting. This includes seeing if hosts belong to any teams. If a host is on one or more teams, Orbit will apply the relevant team flags. Otherise, it applies the global flag set.

Fleet Premium users can specify unique flags for each team. A team's flags override all flags set at the global level. Fleet does not merge the two sets of flags.

View team and global policy compliance

Availaible in Fleet Premium

Toggling between global and team policies wasnt the easiest way to check compliance. In Fleet 4.21.0, you can see which hosts comply with team and global policies — all on the Hosts page.

You'll see how many hosts, assigned to a team, have passed or failed global policies. This allows global admins to provide team users with a view of hosts that are in and out of compliance.

More new features, improvements, and bug fixes

  • Added a '/api/v1/fleet/device/{token}/desktop' API route that returns only the number of failing policies for a specific host.
  • Added support for kubequery.
  • Added support for an AC_TEAM_ID environment variable when creating signed installers for macOS hosts.
  • Made cards on the Home page clickable.
  • Added es_process_file_events, password_policy, and windows_update_history to osquery tables.
  • Added activity items to capture when, and by who, agent options are edited.
  • Added logging to capture the users email upon successful login.
  • Increased the size of placeholder text from extra small to small.
  • Fixed an error that cleared the form when adding a new integration.
  • Fixed an error generating Windows packages with the fleetctl package on non-English localizations of Windows.
  • Fixed a bug that showed the small screen overlay when trying to print.
  • Fixed the UI bug that caused the label filter dropdown to go under the table header.
  • Fixed side panel tooltips to not be wider than side panel causing scroll bug.

Ready to upgrade?

Visit our Upgrade guide in the Fleet docs for instructions on upgrading to Fleet 4.21.0.