-
|
I'm installing a new SO on ubuntu server 20.04.6 LTS. Any ideas on where to start troubleshooting? |
Beta Was this translation helpful? Give feedback.
Replies: 9 comments
-
|
Anyone else having issues with this? Rebuild it on ubuntu and same thing happened. |
Beta Was this translation helpful? Give feedback.
-
|
Does not register new hosts. Going to test if it's related to 2.3.260 by installing from iso image |
Beta Was this translation helpful? Give feedback.
-
|
Tried installing a new deployment on both 2.3.240 and 2.3.260. Had grid/grafana issues along with the fleetdm. Went back to unbuntu. Does anyone have instructions on how to reregister fleetdm on the manager? They seem to be in the docker containers. |
Beta Was this translation helpful? Give feedback.
-
|
Pretty sure when the security onion script completes the install and requests for a reboot, something in the clean up script is killing fleetdm agent, so when it reboots, it's no longer registering the manager as online. |
Beta Was this translation helpful? Give feedback.
-
|
Confirmed it happens to other nodes joining an existing deployment. It's fine up the to point where you reboot, but as soon as you reboot, it no longer comes back as online in fleetdm and just remains offline forever. Can we get this fixed Devs? |
Beta Was this translation helpful? Give feedback.
-
|
I found the problem. For some reason one of my sensors upgraded to 5.9.1 and it started working. All the version ons 4.5.1 are not working. How do we trigger off an osquery upgrade on those nodes? |
Beta Was this translation helpful? Give feedback.
-
|
You could try this #9894 |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for the details. I originaly had trouble with the compressed file gzip: stdin: unexpected end of file Ended up getting the working osqueryd from the one that mysteriously upgraded As su, ran the following and it worked cd /usr/local/so-launcher/bin This bug needs to be fixed in future versions |
Beta Was this translation helpful? Give feedback.
-
|
I think it did an update or something and it broke again. |
Beta Was this translation helpful? Give feedback.
Thanks for the details. I originaly had trouble with the compressed file
gzip: stdin: unexpected end of file
tar: Unexpected EOF in archive
tar: Unexpected EOF in archive
tar: Error is not recoverable: exiting now
Ended up getting the working osqueryd from the one that mysteriously upgraded
scp to the non working nodes and put it in the user directory
As su, ran the following and it worked
Note: Replace user with your user location
cd /usr/local/so-launcher/bin
systemctl stop launcher.so-launcher.service
cp /home/user/osqueryd /usr/local/so-launcher/bin/osqueryd
systemctl restart launcher.so-launcher.service
This bug needs to be fixed in future versions