Releases: fleetdm/fleet
orbit-v0.0.5
Changes
- Fix handling of enroll secrets to address 0.0.4 enrollment issue.
orbit-v0.0.4
Changes
-
Use
certs.pem
if available in root directory to improve TLS compatibility. -
Use UUID as the default host identifier for osquery.
-
Add github.com/macadmins/osquery-extension tables.
-
Add support for osquery flagfile (loaded automatically if it exists in the Orbit root).
-
Fix permissions for building MSI when packaging as root user. Fixes #1424.
fleet-v4.7.0
Changes
-
Add ability to create, modify, or delete policies in Fleet without modifying saved queries. Fleet
4.7.0 introduces breaking changes to the/policies
API routes to separate policies from saved
queries in Fleet. These changes will not affect any policies previously created or modified in the
Fleet UI. -
Turn on vulnerability processing for all Fleet instances with software inventory enabled. Vulnerability processing in Fleet
provides the ability to see all hosts with specific vulnerable software installed. -
Improve the performance of the "Software" table on the Home page.
-
Improve performance of the MySQL database by changing the way a host's users information is saved.
-
Add ability to select from a library of standard policy templates on the Policies page. These
pre-made policies ask specific "yes" or "no" questions about your hosts. For example, one of
these policy templates asks "Is Gatekeeper enabled on macOS devices?" -
Add ability to ask whether or not your hosts have a specific operating system installed by
selecting an operating system policy on the Host details page. For example, a host that is
running macOS 12.0.1 will present a policy that asks "Is macOS 12.0.1 installed on macOS devices?" -
Add ability to specify which platform(s) (macOS, Windows, and/or Linux) a policy is checked on.
-
Add ability to generate a report that includes which hosts are answering "Yes" or "No" to a
specific policy by running a policy's query as a live query. -
Add ability to see the total number of installed software software items across all your hosts.
-
Add ability to see an example scheduled query result that is sent to your configured log
destination. Select "Schedule a query" > "Preview data" on the Schedule page to see the
example scheduled query result. -
Improve the host's users information by removing users without login shells and adding users
that are not associated with a system group. -
Add ability to see a Fleet instance's missing migrations with the
fleetctl debug migrations
command. Thefleet serve
andfleet prepare db
commands will now fail if any unknown migrations
are detected. -
Add ability to see syntax errors as your write a query in the Fleet UI.
-
Add ability to record a policy's resolution steps that can be referenced when a host answers "No"
to this policy. -
Add server request errors to the Fleet server logs to allow for troubleshooting issues with the
Fleet server in non-debug mode. -
Increase default login session length to 24 hours.
-
Fix a bug in which software inventory and disk space information was not retrieved for Debian hosts.
-
Fix a bug in which searching for targets on the Edit pack page negatively impacted performance of
the MySQL database. -
Fix a bug in which some Fleet migrations were incompatible with MySQL 8.
-
Fix a bug that prevented the creation of osquery installers for Windows (.msi) when a non-default
update channel is specified. -
Fix a bug in which the "Software" table on the home page did not correctly filtering when a
specific team was selected on the Home page. -
Fix a bug in which users with "No access" in Fleet were presented with a perpetual
loading state in the Fleet UI.
Upgrading
Please visit our update guide for upgrade instructions.
Documentation
Documentation for Fleet is available at fleetdm.com/docs.
Binary Checksum
SHA256
4cd15a76ac934a429d714c881c9f86824b800dc12f216bcfebfc81e02f3ecfb7 fleet_v4.7.0_linux.tar.gz
655704454143e0d151922763f45d7408b5185a46c04597833ad3be500f8b4007 fleetctl_v4.7.0_windows.tar.gz
33030fda6bb7b078fa54d628e379fc4bc71dd2373d743d89d5365fb40536d087 fleetctl_v4.7.0_macos.tar.gz
6a1a8a47965fe10b719f0aa1ef55f7eb7b22b0107c268b6adc0189cf16105730 fleetctl_v4.7.0_macos.zip
e30efe82132739d50c6bff3f2aff8b1a5db4f69c76f7495429be2b5bab48e76c fleetctl_v4.7.0_windows.zip
ecc31978f64d9945739f45a48aed7dd1e4cd642046405f6d04ff851c7905e9e7 fleetctl_v4.7.0_linux.zip
ef17e435d8d435e1c259a6d8e570b5ee4b2e773a1ea3c2a114ed194b5444c1ca fleetctl_v4.7.0_linux.tar.gz
Docker images
docker pull fleetdm/fleetctl:v4.7.0
docker pull fleetdm/fleetctl:v4.7.0
docker pull fleetdm/fleetctl:v4
docker pull fleetdm/fleet:v4.7.0
docker pull fleetdm/fleet:v4.7.0
docker pull fleetdm/fleet:v4
fleet-v4.6.2
Changes
-
Improve performance of the Home page by removing total hosts count from the "Software" table.
-
Improve performance of the Queries page by adding pagination to the list of queries.
-
Fix a bug in which the "Shell" column of the "Users" table on the Host details page would sometimes fail to update.
-
Fix a bug in which a host's status could quickly alternate between "Online" and "Offline" by increasing the grace period for host status.
-
Fix a bug in which some hosts would have a missing
host_seen_times
entry. -
Add an
after
parameter to theGET /hosts
API route to allow for cursor pagination. -
Add a
disable_failing_policies
parameter to theGET /hosts
API route to allow the API request to respond faster if failing policies count information is not needed.
Upgrading
Please visit our update guide for upgrade instructions.
Documentation
Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/fleet-v4.6.2/docs/README.md
Binary Checksum
SHA256
3e3f0b02c737227adcacf467e7e587816b51cb4c0025cde1a0e55537972fc22d fleetctl_v4.6.2_windows.tar.gz
9f9c0b30ebc64c51d66578951526d394c29fa5838362242f75afa1e08a2e524e fleetctl_v4.6.2_windows.zip
ade1c6de0414ceced04c73416eca296dd33576026a4950fe2a7dfe49874aa06c fleet_v4.6.2_linux.tar.gz
b37d90e14917552e066a0349ad722533a859b68d65699886b0061d7500f260d4 fleetctl_v4.6.2_linux.zip
b53f7e1389fcf60b925b51a82c56333926580a8a78a1fee521d12790e8ffad93 fleetctl_v4.6.2_linux.tar.gz
10b7cb096d08d947ad133b68b4f4fa11df9ad35c5c49229ae36822e94d29e523 fleetctl_v4.6.2_macos.zip
430b0e6978f0ffa1fdae6967d6db6bb2a134e56d5b5922ceafcd3319a777b3ff fleetctl_v4.6.2_macos.tar.gz
Docker images
docker pull fleetdm/fleetctl:v4.6.2
docker pull fleetdm/fleetctl:v4.6.2
docker pull fleetdm/fleetctl:v4
docker pull fleetdm/fleet:v4.6.2
docker pull fleetdm/fleet:v4.6.2
docker pull fleetdm/fleet:v4
fleet-v4.6.1
Changes
-
Fix a bug (introduced in 4.6.0) in which Fleet used progressively more CPU on Redis, resulting in
API and UI slowdowns and inconsistency. -
Make
fleetctl apply
fail when the configuration contains invalid fields.
Upgrading
Please visit our update guide for upgrade instructions.
Documentation
Documentation for Fleet is available at fleetdm.com/docs.
Binary Checksum
SHA256
1ef666cb348775ec853ed08f7a8d47d31c8ac1f8d5ead45479e7aa7160be2c31 fleetctl_v4.6.1_windows.zip
04041ca9f0588df1f0814b064d2c6084aa4b89212eff38cf9fc279c18730c991 fleetctl_v4.6.1_macos.tar.gz
3bdb11dc764e70d80eeef075548d8e027130da9500f32f6e5abb0c2476d5f169 fleetctl_v4.6.1_linux.zip
83130abb5edec390fbbbf20b29620f520cfb0ae6ef53d2df7985cc4b30a5596a fleetctl_v4.6.1_macos.zip
3d40585026c3e8cfe981f426db3bd45435f595daade3980b7c6d194d44e0a2e3 fleetctl_v4.6.1_windows.tar.gz
7a902592b4cf7a033048c4a07d0d9abd49477b5428ba91d40567b4ba5fafea1d fleetctl_v4.6.1_linux.tar.gz
e8451edbac32823d00d02970162d623a9441ba675bbd10d2cf7b6a9f5e43cd04 fleet_v4.6.1_linux.tar.gz
Docker images
docker pull fleetdm/fleetctl:v4.6.1
docker pull fleetdm/fleetctl:v4.6.1
docker pull fleetdm/fleetctl:v4
docker pull fleetdm/fleet:v4.6.1
docker pull fleetdm/fleet:v4.6.1
docker pull fleetdm/fleet:v4
fleet-v4.6.0
Changes
-
Fleet Premium: Add ability to filter aggregate host data, such as platforms (macOS, Windows, and Linux) and status (online, offline, and new), on the Home page. The aggregate host data is also available in the
GET /host_summary
API route. -
Fleet Premium: Add ability to move pending invited users between teams.
-
Fleet Premium: Add
fleetctl updates rotate
command for rotation of keys in the updates system. Thefleetctl updates
command provides the ability to self-manage an agent update server. -
Enable the software inventory by default for new Fleet instances. The software inventory feature can be turned on or off using the
enable_software_inventory
configuration option. -
Update the JSON payload for the host status webhook by renaming the
"message"
property to"text"
so that the payload can be received and displayed in Slack. -
Remove the deprecated
app_configs
table from Fleet's MySQL database. Theapp_config_json
table has replaced it. -
Improve performance of the policies feature for Fleet instances with over 100,000 hosts.
-
Add instructions in the Fleet UI for generating an osquery installer for macOS, Linux, or Windows. Documentation for generating an osquery installer and distributing the installer to your hosts to add them to Fleet can be found here on fleetdm.com/docs
-
Add ability to see all the software, and filter by vulnerable software, installed across all your hosts on the Home page. Each software's
name
,version
,hosts_count
,vulnerabilities
, and more is also available in theGET /software
API route andfleetctl get software
command. -
Add ability to add, edit, and delete enroll secrets on the Hosts page.
-
Add ability to see aggregate host data such as platforms (macOS, Windows, and Linux) and status (online, offline, and new) the Home page.
-
Add ability to see all of the queries scheduled to run on a specific host on the Host details page immediately after a query is added to a schedule or pack.
-
Add a "Shell" column to the "Users" table on the Host details page so users can now be filtered to see only those who have logged in.
-
Package osquery's
certs.pem
infleetctl package
to improve TLS compatibility. -
Add support for packaging an osquery flagfile with
fleetctl package --osquery-flagfile
. -
Use "Fleet osquery" rather than "Orbit osquery" in packages generated by
fleetctl package
. -
Clarify that a policy in Fleet is a yes or no question you can ask about your hosts by replacing "Passing" and "Failing" text with "Yes" and "No" respectively on the Policies page and Host details page.
-
Add ability to see the original author of a query on the Query page.
-
Improve the UI for the "Software" table and "Policies" table on the Host details page so that it's easier to pivot to see all hosts with a specific software installed or answering "No" to a specific policy.
-
Fix a bug in which modifying a specific target for a live query, in target selector UI, would deselect a different target.
-
Fix a bug in which the user was navigated to a non existent page, in the Fleet UI, after saving a pack.
-
Fix a bug in which long software names in the "Software" table caused the bundle identifier tooltip to be inaccessible.
Upgrading
Please visit our update guide for upgrade instructions.
Documentation
Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/fleet-v4.6.0/docs/README.md
Binary Checksum
SHA256
00df4863e7c27b116d3a788c6508acfbdcf6da11d0d29034646a7f712abb4d83 fleetctl_v4.6.0_linux.tar.gz
a8405a073db5611be42dc26c41e09b5c0421a5af6816ab1ab27d3386eb56a8d3 fleetctl_v4.6.0_macos.zip
639c3eba54a8c8773ff5984e239c55fadca1979f2c032f62b9033cde65536f10 fleet_v4.6.0_linux.tar.gz
a457f09fd9dd3f57cb39c4b9a87e6efdc50fae1f71d026dbb0c84c38ee68ab0e fleetctl_v4.6.0_macos.tar.gz
9b1076c7cec196b7a7f5f37f27572a9e447e2b51986a74f937558abe2d3e9e4b fleetctl_v4.6.0_windows.zip
bfda2a842d7877a9a465463fece681c2305513f2c1097dc33f01ac774ab5d4f6 fleetctl_v4.6.0_windows.tar.gz
ca508fd7d0598f861dd403eb06e6c5de92d469bb13eea683d2f6f625bea61429 fleetctl_v4.6.0_linux.zip
Docker images
docker pull fleetdm/fleetctl:v4.6.0
docker pull fleetdm/fleetctl:v4.6.0
docker pull fleetdm/fleetctl:v4
docker pull fleetdm/fleet:v4.6.0
docker pull fleetdm/fleet:v4.6.0
docker pull fleetdm/fleet:v4
fleet-v4.5.1
Changes
-
Fix performance issues with search filtering on manage queries page.
-
Improve correctness and UX for query platform compatibility.
-
Fleet Premium: Show correct hosts when a team is selected.
-
Fix a bug preventing login for new SSO users.
-
Always return the
disabled
value in theGET /api/v1/fleet/packs/{id}
API (previously it was sometimes left out).
Upgrading
Please visit our update guide for upgrade instructions.
Documentation
Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/fleet-v4.5.1/docs/README.md
Binary Checksum
SHA256
14ad55a12f1320d9b4e947fedc5e3f36557719a066caf4f83e3a8d54f1c09ae5 fleetctl_v4.5.1_windows.zip
4d87b8646c7477ef21d13c7b7adb54253016a8d0daee99e848a3b4ed5739e706 fleetctl_v4.5.1_macos.tar.gz
7100bd629915d1c2948b8255741dd926a08e5fd06490f5daffa694b56902507a fleetctl_v4.5.1_windows.tar.gz
cedc5a53eba8f692c03baea93bb9a4b27d06bbf1fcf15075d07789326d9b36c8 fleet_v4.5.1_linux.tar.gz
d153b1e418f2dcef6d8fab11f0d9496ea6e0075a0c71e8fd87d81fc6ec4d5bda fleetctl_v4.5.1_macos.zip
ea30c24716fa0977e8b78866fbb21a6e1c3ae33de58860d02635c6a2d9f5eb70 fleetctl_v4.5.1_linux.zip
fa539932eb6c00c41fad7af60add06ccebcd4eaf1b1a1a383c14633c4a3f9b82 fleetctl_v4.5.1_linux.tar.gz
Docker images
docker pull fleetdm/fleetctl:v4.5.1
docker pull fleetdm/fleetctl:v4.5.1
docker pull fleetdm/fleetctl:v4
docker pull fleetdm/fleet:v4.5.1
docker pull fleetdm/fleet:v4.5.1
docker pull fleetdm/fleet:v4
fleet-v4.5.0
Changes
-
Fleet Premium: Add a Team admin user role. This allows users to delegate the responsibility of managing team members in Fleet. Documentation for the permissions associated with the Team admin and other user roles can be found here on fleetdm.com/docs.
-
Add Apache Kafka logging plugin. Documentation for configuring Kafka as a logging plugin can be found here on fleetdm.com/docs. Thank you to Joseph Macaulay for adding this capability.
-
Add support for MinIO as a file carving backend. Documentation for configuring MinIO as a file carving backend can be found here on fleetdm.com/docs. Thank you to Chandra Majumdar and Ben Edwards for adding this capability.
-
Add the ability to run a live query and receive results using only the Fleet REST API with a
GET /api/v1/fleet/queries/run
API route. Documentation for this new API route can be found here on fleetdm.com/docs. -
Add ability to see whether a specific host is "Passing" or "Failing" a policy on the Host details page. This information is also exposed in the
GET api/v1/fleet/hosts/{id}
API route. In Fleet, a policy is a "yes" or "no" question you can ask of all your hosts. -
Add the ability to quickly see the total number of "Failing" policies for a particular host on the Hosts page with a new "Issues" column. Total "Issues" are also revealed on a specific host's Host details page.
-
Add the ability to see which platforms (macOS, Windows, Linux) a specific query is compatible with. The compatibility detected by Fleet is estimated based on the osquery tables used in the query.
-
Add the ability to see whether your queries have a "Minimal," "Considerable," or "Excessive" performance impact on your hosts. Query performance information is only collected when a query runs as a scheduled query.
-
Running a "Minimal" query, very frequently, has little to no impact on your host's performance.
-
Running a "Considerable" query, frequently, can have a noticeable impact on your host's performance.
-
Running an "Excessive" query, even infrequently, can have a significant impact on your host’s performance.
-
-
Add the ability to see a list of hosts that have a specific software version installed by selecting a software version on a specific host's Host details page. Software inventory is currently under a feature flag. To enable this feature flag, check out the feature flag documentation.
-
Add the ability to see all vulnerable software detected across all your hosts with the
GET /api/v1/fleet/software
API route. Documentation for this new API route can be found here on fleetdm.com/docs. -
Add the ability to see the exact number of hosts that selected filters on the Hosts page. This ability is also available when using the
GET api/v1/fleet/hosts/count
API route. -
Add ability to automatically "Refetch" host vitals for a particular host without manually reloading the page.
-
Add ability to connect to Redis with TLS. Documentation for configuring Fleet to use a TLS connection to the Redis server can be found here on fleetdm.com/docs.
-
Add
cluster_read_from_replica
Redis to specify whether or not to prefer readying from a replica when possible. Documentation for this configuration option can be found here on fleetdm.com/docs. -
Fix a bug in which turning on the host expiry setting did not remove expired hosts from Fleet.
-
Fix a bug in which the Software inventory for some host's was missing
bundle_identifier
information.
Upgrading
Please visit our update guide for upgrade instructions.
Documentation
Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/v4.5.0/docs/README.md
Binary Checksum
SHA256
2984129ac927eef77380cd762725563c0f2b5ebb1bc9f958b4501da9dd031a96 fleetctl_v4.5.0_windows.tar.gz
2a063820b3f688927360334abffae671ef5299b3f10e008ec9f7d7332e8b0151 fleetctl_v4.5.0_windows.zip
991a261b405740566ab86fb09f1ad6ba39e0063410554e08b6a1701065c27ef0 fleetctl_v4.5.0_macos.zip
ba3098b442ec56748ac00c03be80c32c62687c65a1276e3a48e05dd27c5d2b30 fleet_v4.5.0_linux.tar.gz
cf9d9de6fe467c0c8ac49d96cef3d49b29100a103f94258bf5068a9a8eaf740f fleetctl_v4.5.0_linux.zip
e6557bfef6fe1620298558b35d80f491a65979115b8c0250f47fffc8327a90e9 fleetctl_v4.5.0_linux.tar.gz
fb12e3bb085663b41a7e8bf5754490c39a83383b9d58a07c2bbbe3e5ef79f71b fleetctl_v4.5.0_macos.tar.gz
Docker images
docker pull fleetdm/fleetctl:v4.5.0
docker pull fleetdm/fleetctl:v4.5.0
docker pull fleetdm/fleetctl:v4
docker pull fleetdm/fleet:v4.5.0
docker pull fleetdm/fleet:v4.5.0
docker pull fleetdm/fleet:v4
fleet-v4.4.3
Changes
-
Cache AppConfig in Redis to speed up requests and reduce MySQL load.
-
Fix migration compatibility with MySQL GTID replication.
-
Improve performance of software listing query.
-
Improve MSI generation compatibility (for macOS M1 and some Virtualization configurations) in
fleetctl package
.
Upgrading
Please visit our update guide for upgrade instructions.
Documentation
Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/fleet-v4.4.3/docs/README.md
Binary Checksum
SHA256
192086b0c2476e3c4a1a5a009efcac33a2f18e90bcd027f3de0510fe32bad678 fleetctl_v4.4.3_linux.tar.gz
4f00364d720f2e6ab35ad00fb5a89281dbc154229eb9182dad15c052f684d81d fleetctl_v4.4.3_macos.tar.gz
539a209b654c71ae85932a61a9eac851f4609efdad2f24ed26f4b276edf3ff30 fleetctl_v4.4.3_windows.zip
782d7f3180c114f317c3514525f60a0131533755829cffca0940d79e958c659d fleetctl_v4.4.3_macos.zip
936c20298e083181ad8279ee3f9f5b26e6d930a6a0998f3b29db17ac9c21bae1 fleetctl_v4.4.3_windows.tar.gz
b270187e9464d762b43515292495a98a030f9ffb155d676556df26bb513f5319 fleetctl_v4.4.3_linux.zip
d7b9a2d56b69bcbc30138ae816342b336000c5c343e77ab9ff655663fd19998a fleet_v4.4.3_linux.tar.gz
Docker images
docker pull fleetdm/fleetctl:v4.4.3
docker pull fleetdm/fleetctl:v4.4.3
docker pull fleetdm/fleetctl:v4
docker pull fleetdm/fleet:v4.4.3
docker pull fleetdm/fleet:v4.4.3
docker pull fleetdm/fleet:v4
fleet-v4.4.2
Changes
-
Fix migration errors under some MySQL configurations due to use of temporary tables.
-
Fix pagination of hosts on host dashboard.
-
Optimize HTTP requests on host search.
Upgrading
Please visit our update guide for upgrade instructions.
Documentation
Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/fleet-v4.4.2/docs/README.md
Binary Checksum
SHA256
02348e5ec22a07c12a1b13342b0f78294b8486250bc61f91da3cc66d0d1b4c6d fleetctl_v4.4.2_linux.zip
221d0959f41d9192a4cdd0f65d4e0876629886a1cb313331d7e4ce0f214c4bd6 fleetctl_v4.4.2_macos.zip
274d9b53ebeab9804fe5cbbdc86776d7f99785948d66cf5b462fdd4f1bd4fd9d fleet_v4.4.2_linux.tar.gz
99799b7a206e2f1f8f7ddd3750b2b83ccfd0e058805b55c5d67ece779bd00fe3 fleetctl_v4.4.2_linux.tar.gz
c04cc37d6d6179bd1d3145b4bd2bb74ae80cae7f0866689516be83403812bf8b fleetctl_v4.4.2_macos.tar.gz
dd127c2fef0d87227ccec39e59c53ccbc5a3bd474c6f4031bd07567fc37e96f6 fleetctl_v4.4.2_windows.tar.gz
e4d5374a642b11793ba4f8ca061dea18211d043be69ce6113c176ed3a49086e4 fleetctl_v4.4.2_windows.zip
Docker images
docker pull fleetdm/fleetctl:v4.4.2
docker pull fleetdm/fleetctl:v4.4.2
docker pull fleetdm/fleetctl:v4
docker pull fleetdm/fleet:v4.4.2
docker pull fleetdm/fleet:v4.4.2
docker pull fleetdm/fleet:v4