Osquery endpoints don´t connect to manager after migrate the server. #8854
-
|
We migrated the manager from a smaller server to one with higher performance, after the migration we lost the osquery endpoints. Manager has the same ip and access was allowed with so-allow. It's about 200 osquery endpoints and we don't want to reinstall them. In one of the computers with osquey endpoint we copied the secret and roots.pem file of the old manager and it was possible to connect to the manager but we would not like to do this one by one. Could help us with information that helps us recover those agents and visualize them in FleetDM. Security Onion Version Version: 2.3.170 Best regards |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 1 reply
-
|
Can you describe what you mean when you say Is that a backup & restore? Or a fresh install with the same IP? FleetDM uses a pre-shared key + certs, all of which are tied to a Manager.... If a new Manager is installed, there would be a new pre-shared key + cert. |
Beta Was this translation helpful? Give feedback.
-
|
Hi. Is a fresh install with the same IP. There is a way to use the old pre-shared key + cert in the new manager? or there is a way to recover osquery endpoints from old manager to the new manager? Best regards |
Beta Was this translation helpful? Give feedback.
-
|
No, there is not a way to use the old cert in the new manager. At the end of the day, you will need to touch every agent - either fresh reinstall, or could try overwriting the old cert + key with the new one. Hope you have some type of systems management app that you can do that with. |
Beta Was this translation helpful? Give feedback.
Can you describe what you mean when you say
migrated the manager-Is that a backup & restore? Or a fresh install with the same IP?
FleetDM uses a pre-shared key + certs, all of which are tied to a Manager.... If a new Manager is installed, there would be a new pre-shared key + cert.