Summary: - Enroll hosts page refinement - Since page was too long and had a lot of content I did following: - Moved most important sections to the top - Did some changes to make things more consistent, when possible having UI and CLI sections with steps (ordered list) - Moved `Add hosts with plain osquery` to contributor docs, since I learned this approach is used just by couple of Fleet customers, and we don't advise this as best practice anymore - Added overview (table of contents) on the top to make easier to navigate through the page - Moved some technical (advanced) topics into separate section on the bottom of the page --------- Co-authored-by: Noah Talerman <noahtal@umich.edu> Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com> Co-authored-by: Rachael Shaw <r@rachael.wtf>
5.0 KiB
Fleet 4.21.0 | Validate config and teams YAML documents, manage osquery flags remotely with Orbit, view team and global policy compliance
Fleet 4.21.0 is up and running. Check out the full changelog or continue reading to get the highlights.
For upgrade instructions, see our upgrade guide in the Fleet docs.
Highlights
- Validate config and teams YAML documents.
- Manage osquery flags remotely with Orbit.
- View team and global policy compliance.
Validate config and teams YAML documents
Available in Fleet Free and Fleet Premium
Fleet 4.21.0 has validation for all keys and values in the config and teams YAML documents. Fleet now notifies you if any required keys are missing. Fleet also verifies that all values in the documents are the right type. Values under agent_options
are based on the latest osquery.
Fleet will send you an error message if validation fails when running fleetctl apply
with YAML documents. Fleet won’t try to set any configuration settings or send new agent_options
to hosts if an error occurs.
You can test changes to config or teams YAML documents locally using a fleetctl apply --dry-run
command. You’ll receive an error message if validation fails. Fleet won’t try to set configuration settings or send new agent_options
to hosts.
You’ll also have the ability to bypass validation. Use a --force
flag to bypass all validation checks and apply the given config.
In addition to validating required keys and the type of document values, Fleet makes sure the value is valid for the config option when possible. For example, Fleet now detects when logger_tls_endpoint
is not a path starting with /. Applying such a path would prevent osquery from talking to the right Fleet instance.
Manage osquery flags remotely with Orbit
Available in Fleet Free and Fleet Premium
Admins used to need a software orchestration tool (e.g., Chef) to deploy new osquery flags to the end user. Now, you can specify new flags in Fleet — and Orbit will restart osquery with the appropriate flags.
Orbit regularly checks flags from Fleet according to the distributed_interval
setting. This includes seeing if hosts belong to any teams. If a host is on one or more teams, Orbit will apply the relevant team flags. Otherise, it applies the global flag set.
Fleet Premium users can specify unique flags for each team. A team's flags override all flags set at the global level. Fleet does not merge the two sets of flags.
View team and global policy compliance
Availaible in Fleet Premium
Toggling between global and team policies wasn’t the easiest way to check compliance. In Fleet 4.21.0, you can see which hosts comply with team and global policies — all on the Hosts page.
You'll see how many hosts, assigned to a team, have passed or failed global policies. This allows global admins to provide team users with a view of hosts that are in and out of compliance.
More new features, improvements, and bug fixes
- Added a '/api/v1/fleet/device/{token}/desktop' API route that returns only the number of failing policies for a specific host.
- Added support for kubequery.
- Added support for an
AC_TEAM_ID
environment variable when creating signed installers for macOS hosts. - Made cards on the Home page clickable.
- Added es_process_file_events, password_policy, and windows_update_history to osquery tables.
- Added activity items to capture when, and by who, agent options are edited.
- Added logging to capture the user’s email upon successful login.
- Increased the size of placeholder text from extra small to small.
- Fixed an error that cleared the form when adding a new integration.
- Fixed an error generating Windows packages with the fleetctl package on non-English localizations of Windows.
- Fixed a bug that showed the small screen overlay when trying to print.
- Fixed the UI bug that caused the label filter dropdown to go under the table header.
- Fixed side panel tooltips to not be wider than side panel causing scroll bug.
Ready to upgrade?
Visit our Upgrade guide in the Fleet docs for instructions on upgrading to Fleet 4.21.0.