empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-06 08:55:24 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
6b79812404
fleet/articles/how-to-install-osquery-and-enroll-windows-devices-into-fleet.md

3.7 KiB
Raw Blame History

How to install osquery and enroll Windows devices into Fleet

Enroll Linux devices into Fleet

The easiest way to install osquery and enroll Windows devices into your Fleet instance is to use the Fleet osquery installer.

Alternatively, you can run a preview environment of Fleet locally (which automatically adds your device to the locally running Fleet server). Check out the Getting Started guide for instructions on setting that up.

Prerequisites

Before installing osquery on Windows and enrolling that Windows device, you will need access to a Fleet server (see Deploying Fleet on Render for an example.)

If you dont already have it, you will also need to install the fleetctl CLI tool. fleetctl can be installed via npm by running the following command:

npm i -g fleetctl

After the above command has run successfully, you can confirm that you now have the fleetctl CLI tool by running:

fleetctl --version

The above command should return an output similar to the example below:

fleetctl.exe - version 4.8.0
  branch:  HEAD
  revision:  09654d77eedbf9ed181bc8188a3d2be0324b29a5
  build date:  2021-12-31
  build user:  runner
  go version:  go1.17.2

You can generate an osquery installer using fleetctl for Windows on macOS and even Linux distributions, but for this article we are assuming generating on a Windows device. To generate an osquery installer for a different OS, check out the guides for macOS and Linux.

Installing osquery

Head over to the Hosts page on Fleet and click on the “Generate installer” button, which will present a pop-up that allows you to choose the type of installer you want to generate. Make sure you are on the “Windows” tab and click on the clipboard icon.

Generate installer Windows osquery Installer command on Fleet UI

Next, head over to your Windows command prompt (making sure that you are running with administrator privilege and Docker is running), paste the copied command, and then hit enter.

Once fleetctl has finished creating your osquery installer, it will produce an installer file called fleet-osquery.msi in your current directory and display instructions on how to proceed.

Running the installer

Double-click the installer and follow the guided steps to successfully install osquery on your Windows device and enroll it into Fleet!

Deploying at scale?

If youre managing an enterprise environment, you will likely have a deployment tool like Munki, Jamf Pro, Chef, Ansible, or Puppet to deliver software to your devices. You can distribute your osquery installer and add all your devices to Fleet using your software management tool of choice.