Migrated the following articles: • How to install osquery and enroll macOS devices into Fleet • How to install osquery and enroll Windows devices into Fleet • How to install osquery and enroll Linux devices into Fleet For article: Apply BYOD to soothe supply chain pain: • Changed category from "product" to "security"
3.8 KiB
How to install osquery and enroll macOS devices into Fleet
The easiest way to install osquery and enroll macOS devices into your Fleet instance is to use the Fleet osquery installer.
Alternatively, you can run a preview environment of Fleet locally (which automatically adds your device to the locally running Fleet server). Check out the Getting Started guide for instructions on setting that up.
Prerequisites
Before installing osquery on macOS and enrolling that macOS device, you will need to have access to a Fleet server (see Deploying Fleet on Render for an example.)
You will also need to install the fleetctl
CLI tool if you don’t have it already. fleetctl
can be installed via npm
by running the command below:
npm i -g fleetctl
After the above command has run successfully, you can confirm that you now have the fleetctl
CLI tool by running:
fleetctl --version
This should return an output similar to the example below:
fleetctl.exe - version 4.8.0
branch: HEAD
revision: 09654d77eedbf9ed181bc8188a3d2be0324b29a5
build date: 2021-12-31
build user: runner
go version: go1.17.2
You can generate an osquery installer using
fleetctl
for macOS on Windows and even Linux distributions, but for this article we are assuming generating on a macOS device. To generate an osquery installer for a different OS, check out the guides for Windows and Linux.
Installing osquery
Head over to the Hosts page on Fleet and click on the “Generate installer” button, which will present a pop-up that allows you to choose the type of installer you want to generate. Make sure you are on the “macOS” tab and click on the clipboard icon to copy the installation command for macOS.
Generate installer for osquery on macOS
Head over to your command line, paste the copied command, and then hit enter.
Once fleetctl
has finished creating your osquery installer, it will produce an installer file called fleet-osquery.pkg
in your current directory, and display instructions on how to proceed.
Running the installer
Double-click the installer and follow the guided steps to successfully install osquery on your macOS device and enrol it onFleet!
Alternatively, you can run open fleet-osquery.pkg
from your command line to launch the installer.
Deploying at scale?
Fleet makes it easy to install osquery and enrol macOS devices with fleetctl. If you’re managing an enterprise environment with multiple hosts, you likely have an enterprise deployment tool like Munki, [Jamf Pro] (https://www.jamf.com/products/jamf-pro/), Chef, Ansible, or Puppet to deliver software to your hosts. You can distribute your osquery installer and add all your devices to Fleet using your software management tool of choice.