Skip to content

Releases: fleetdm/fleet

fleet-v4.2.3

26 Aug 02:40
@github-actions github-actions
fleet-v4.2.3
5239fb5
Compare
Choose a tag to compare
fleet-v4.2.3

Changes

  • Add ability to troubleshoot connection issues with the fleetctl debug connection command.

  • Improve compatibility with MySQL variants (MariaDB, Aurora, etc.) by removing usage of JSON_ARRAYAGG.

  • Fix bug in which live queries would stop returning results if more than 5 seconds goes by without a result. This bug was introduced in 4.2.1.

  • Eliminate double-logging of IP addresses in osquery endpoints.

  • Update host details after transferring a host on the details page.

  • Log errors in osquery endpoints to improve debugging.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/fleet-v4.2.3/docs/README.md

Binary Checksum

SHA256

2801c9dc1f858a72c53722045339857bea36003c234ecb4fd18084af43e9ee34  fleetctl_v4.2.3_macos.zip
2cd316c9dfa1b49921f43e4ac3bcb9d388b825be579ce037b62144d4bfd48742  fleetctl_v4.2.3_windows.zip
85b48b60ce7a5c1f975c465d6cddecc8bebd755ce19367510b06d6cb4ebc451d  fleet_v4.2.3_linux.tar.gz
95bf502671146b041712409e37c6425f83bcd9bc83410c75515662e8cd21c351  fleetctl_v4.2.3_linux.tar.gz
a3bb23f9e36feb7f58f5702a539d4064ab92200c04ab33a825d87c1a1748ba07  fleetctl_v4.2.3_windows.tar.gz
d0d68b9405351e0d267851b6d309ad3bd45f3e0a19251857a7ba0ed717a11286  fleetctl_v4.2.3_macos.tar.gz
fb9fe7da33f83b0b07f0f362327de6ea987e588836c518eb7c229388e5ea272f  fleetctl_v4.2.3_linux.zip

Docker images

  • docker pull fleetdm/fleetctl:v4.2.3
  • docker pull fleetdm/fleetctl:v4.2.3
  • docker pull fleetdm/fleetctl:v4
  • docker pull fleetdm/fleet:v4.2.3
  • docker pull fleetdm/fleet:v4.2.3
  • docker pull fleetdm/fleet:v4
Loading

fleet-v4.2.2

19 Aug 01:59
@github-actions github-actions
fleet-v4.2.2
de98d7f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
fleet-v4.2.2

Changes

  • Add a new built in label "All Linux" to target all hosts that run any linux flavor.

  • Allow finer grained configuration of the vulnerability processing capabilities.

  • Fix performance issues when updating pack contents.

  • Fix a build issue that caused external network access to panic in certain Linux distros (Ubuntu).

  • Fix rendering of checkboxes in UI when modals appear.

  • Orbit: sync critical file writes to disk.

  • Add "-o" flag to fleetctl convert command to ensure consistent output rather than relying on shell redirection (this was causing issues with file encodings).

  • Fix table column wrapping for manage queries page.

  • Fix wrapping in Label pills.

  • Side panels in UI have a fresher look, Teams/Roles UI greyed out conditionally.

  • Improved sorting in UI tables.

  • Improve detection of CentOS in label membership.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/fleet-v4.2.2/docs/README.md

Binary Checksum

SHA256

218e3377302d6e6bb9429e7828c084aa3d2b1afff3f1c03ba3451043568a6987  fleetctl_v4.2.2_linux.zip
4a4f736317273185da8aebabf2940edee06b01143e0985335dfc3e39b9d1be68  fleetctl_v4.2.2_macos.tar.gz
55bc7b4285b3f5255a6cde3fb6c46b7b0f897d5fb4cc740b0ad2f00aaf747513  fleetctl_v4.2.2_macos.zip
7e66be91a89f35cff4256d58d7d198a3dfc81dbc0d2e3316171f8d534848f69c  fleet_v4.2.2_linux.tar.gz
9755f2f253d964c2d8ebd43a2d3059fbea1ed01ea1cc5f82c6bd52960b0bb09a  fleetctl_v4.2.2_windows.tar.gz
a5bd414f00a4bc817306cdb64cc430abd9020af5be9f36f657ad9f71c4cf6e48  fleetctl_v4.2.2_linux.tar.gz
c9c594c1db0fdf47fec382533e292e2579d4c19cba6c4296a989d9c68b8dcbd7  fleetctl_v4.2.2_windows.zip

Docker images

  • docker pull fleetdm/fleetctl:v4.2.2
  • docker pull fleetdm/fleetctl:v4.2.2
  • docker pull fleetdm/fleetctl:v4
  • docker pull fleetdm/fleet:v4.2.2
  • docker pull fleetdm/fleet:v4.2.2
  • docker pull fleetdm/fleet:v4
Loading

Fleet v4.2.1

14 Aug 16:14
@github-actions github-actions
fleet-v4.2.1
68e92b2
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Fleet v4.2.1

Changes

  • Fix a database issue with MariaDB 10.5.4.

  • Display updated team name after edit.

  • When a connection from a live query websocket is closed, Fleet now timeouts the receive and handles the different cases correctly to not hold the connection to Redis.

  • Read live query results from Redis in a thread safe manner.

  • Allow observers and maintainers to refetch a host in a team they belong to.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/fleet-v4.2.1/docs/README.md

Binary Checksum

SHA256

08f32db48d6439043da13bb886d7b77db747e201b0d4c81f4e1ccffe100394e3  fleetctl_v4.2.1_linux.tar.gz
2200d7c80c7c08ea3a8ac4867f86d4d5bad13a0128413dc0107cdead482bf96a  fleetctl_v4.2.1_linux.zip
3024dcfbd41e97f63032343ec262617fe0bbfa08a39eb182d35e584ade4bce50  fleetctl_v4.2.1_windows.zip
59d2380ff74d3ea88ded6b0c1d9c7b914366076369a21e51aa60935b84b15548  fleetctl_v4.2.1_macos.zip
8cf1c8a147dfedeef7fe3c886436a6d029a66758b8a10c3ead05489f59c0e507  fleet_v4.2.1_linux.tar.gz
a8f7641779c0a6d3803e05a22567cdf4b9f0f0b5d77ab9ab0f86f09c58b2b60a  fleetctl_v4.2.1_windows.tar.gz
b731d2f6334cb2d8b6fd9bc1ad0dd9639097497f4e0067c82ad278b692ec0dcb  fleetctl_v4.2.1_macos.tar.gz

Docker images

  • docker pull fleetdm/fleetctl:v4.2.1
  • docker pull fleetdm/fleetctl:v4.2.1
  • docker pull fleetdm/fleetctl:v4
  • docker pull fleetdm/fleet:v4.2.1
  • docker pull fleetdm/fleet:v4.2.1
  • docker pull fleetdm/fleet:v4
Loading

Fleet v4.2.0

12 Aug 02:42
@github-actions github-actions
fleet-v4.2.0
b21ca54
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Fleet v4.2.0

Note: Starting with Fleet v4.2.0, server binaries will only be published for Linux and Docker. If you make use of pre-built binaries for Windows or macOS, please open an issue to discuss alternate options.

Changes

  • Add ability to simultaneously filter hosts by status (online, offline, new, mia) and by label on the Hosts page.

  • Add ability to filter hosts by team in the Fleet UI, fleetctl CLI tool, and Fleet API. Available for Fleet Basic customers.

  • Add ability to create a Team schedule in Fleet. The Schedule feature was released in Fleet 4.1.0. For more information on the new Schedule feature, check out the Fleet 4.1.0 release blog post. Available for Fleet Basic customers.

  • Add Beta Vulnerable software feature which surfaces vulnerable software on the Host details page and the GET /api/v1/fleet/hosts/{id} API route. For information on how to configure the Vulnerable software feature and how exactly Fleet processes vulnerabilities, check out the Vulnerability processing documentation.

  • Add ability to see which logging destination is configured for Fleet in the Fleet UI. To see this information, head to the Schedule page and then select "Schedule a query." Configured logging destination information is also available in the GET api/v1/fleet/config API route.

  • Improve the fleetctl preview experience by downloading Fleet's standard query library and loading the queries into the Fleet UI.

  • Improve the user interface for the Packs page and Queries page in the Fleet UI.

  • Add ability to modify scheduled queries in your Schedule in Fleet. The Schedule feature was released in Fleet 4.1.0. For more information on the new Schedule feature, check out the Fleet 4.1.0 release blog post.

  • Add ability to disable the Users feature in Fleet by setting the new enable_host_users key to true in the config yaml, configuration file. For documentation on using configuration files in yaml syntax, check out the Using yaml files in Fleet documentation.

  • Improve performance of the Software inventory feature. Software inventory is currently under a feature flag. To enable this feature flag, check out the feature flag documentation.

  • Improve performance of inserting pack_stats in the database. The pack_stats information is used to display "Frequency" and "Last run" information for a specific host's scheduled queries. You can find this information on the Host details page.

  • Improve Fleet server logging so that it is more uniform.

  • Fix a bug in which a user with the Observer role was unable to run a live query.

  • Fix a bug that prevented the new Home page from being displayed in some Fleet instances.

  • Fix a bug that prevented accurate sorting issues across multiple pages on the Hosts page.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/fleet-v4.2.0/docs/README.md

Binary Checksum

SHA256

2067fca5e467a2c95fb3b00025e4d50a1a256875ebecc00fd485f47a91cdd240  fleetctl_v4.2.0_windows.tar.gz
5d85b029c90342ccf1b2365f150df30c0a834e23f189f2bd08c5d92269653fe2  fleet_v4.2.0_linux.tar.gz
7e44e97e423c436ecccde9371d3ea1f84db17e9d75f6a1433702545a2198bf83  fleetctl_v4.2.0_linux.tar.gz
a6d21907022776dd77cb8bb709e5e9425f75efe46f2eaa27094ca5ae48b1ddde  fleetctl_v4.2.0_windows.zip
cbed946bd4dda458c2a9b31d50d099e28780d34bd344b67c548309c684ae0c30  fleetctl_v4.2.0_macos.tar.gz
e2fc536106e941448cee96da3ebcc53fec6530810dc0cd826541655f80465be1  fleetctl_v4.2.0_linux.zip
e3cad25046ceedcb050260186b44d80f7705138426eff39835c03f4832e0d1e6  fleetctl_v4.2.0_macos.zip

Docker images

  • docker pull fleetdm/fleetctl:v4.2.0
  • docker pull fleetdm/fleetctl:v4.2.0
  • docker pull fleetdm/fleetctl:v4
  • docker pull fleetdm/fleet:v4.2.0
  • docker pull fleetdm/fleet:v4.2.0
  • docker pull fleetdm/fleet:v4
Loading

v4.1.0

26 Jul 20:26
@github-actions github-actions
v4.1.0
cb10659
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.1.0

Changes

The primary additions in Fleet 4.1.0 are the new Schedule and Activity feed features.

Schedule lets you add queries which are executed on your devices at regular intervals without having to understand or configure osquery query packs. For experienced Fleet and osquery users, the ability to create new, and modify existing, query packs is still available in the Fleet UI and fleetctl command-line tool. To reach the Packs page in the Fleet UI, head to Schedule > Advanced.

Activity feed adds the ability to observe when, and by whom, queries are changes, packs are created, live queries are run, and more. The Activity feed feature is located on the new Home page in the Fleet UI. Select the logo in the top right corner of the Fleet UI to navigate to the new Home page.

New features breakdown

  • Add ability to create teams and update their respective agent options and enroll secrets using the new teams yaml document and fleetctl. Available in Fleet Basic.

  • Adds a new Home page to the Fleet UI. The Home page presents a breakdown of the enrolled hosts by operating system.

  • Add a “Users” table on the Host details page. The username information displayed in the “Users” table, as well as the uid, type, and groupname are available in the Fleet REST API via the /api/v1/fleet/hosts/{id} API route.

  • Add ability to create a user without an invitation. You can now create a new user by heading to Settings > Users, selecting “Create user,” and then choosing the “Create user” option.

  • Add ability to search and sort installed software items in the “Software” table on the Host details page.

  • Add ability to delete a user from Fleet using a new fleetctl user delete command.

  • Add ability to retrieve hosts’ status, display_text, and labels using the fleetctl get hosts command.

  • Add a new user_roles yaml document that allows users to manage user roles via fleetctl. Available in Fleet Basic.

  • Change default ordering of the “Hosts” table in the Fleet UI to ascending order (A-Z).

  • Improve performance of the Software inventory feature by reducing the amount of inserts and deletes are done in the database when updating each host’s
    software inventory.

  • Remove YUM and APT sources from Software inventory.

  • Fix an issue in which disabling SSO at the organization level would not disable SSO for all users.

  • Fix an issue with data migrations in which enroll secrets are duplicated after the name column was removed from the enroll_secrets table.

  • Fix an issue in which it was not possible to clear host settings by applying the config yaml document. This allows users to successfully remove the additional_queries property after adding it.

  • Fix printing of failed record count in AWS Kinesis/Firehose logging plugins.

  • Fix compatibility with GCP Memorystore Redis due to missing CLUSTER command.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/v4.1.0/docs/README.md

Binary Checksum

SHA256

0c128ee77c6bb03261418a98ddbf971b27b9ee551d7a2f5d00f3be814207bbd7  fleetctl_v4.1.0_linux.zip
3d9e17ce2260efd68c7eb500e68cd381561be8755172021d8844834d34102aa1  fleetctl_v4.1.0_macos.tar.gz
5d38d54f47a299c0b481819abb728ce5b0fe58af454831283b254d0cf0758e19  fleetctl_v4.1.0_windows.tar.gz
92489eee42a685f3b95673d331d8021f25a41963efb393592caf98731a23c3a4  fleetctl_v4.1.0_macos.zip
a7a1672fb76ee7d9a7b7d2803f30462691ea05ee787df69b18b78b6faacc1aeb  fleet_v4.1.0_windows.zip
aa897d3b5a6f05992accd5ca6d2ac75096f7d450c2f96367d2b93322cb9724e8  fleetctl_v4.1.0_windows.zip
e63c59f1854037375993ac603a0630b6916c9134d93e6c1024a2053251348d72  fleet_v4.1.0_linux.tar.gz
e739da291492b45be3b74a09980d4aee5728b959d33c83278bccbdf16b967eed  fleet_v4.1.0_macos.tar.gz
f790f33bd6941666610d9b7dee0fdff27d9baea5e4ed67d05ec82339f09a57cc  fleetctl_v4.1.0_linux.tar.gz

Docker images

  • docker pull fleetdm/fleetctl:v4.1.0
  • docker pull fleetdm/fleetctl:v4.1.0
  • docker pull fleetdm/fleetctl:v4
  • docker pull fleetdm/fleet:v4.1.0
  • docker pull fleetdm/fleet:v4.1.0
  • docker pull fleetdm/fleet:v4
Loading

v4.0.1

02 Jul 00:09
@github-actions github-actions
v4.0.1
fed68fc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.0.1

Changes

  • Fix an issue in which migrations failed on MariaDB MySQL.

  • Allow http to be used when configuring fleetctl for localhost.

  • Fix a bug in which Team information was missing for hosts looked up by Label.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/4.0.1/docs/README.md

Binary Checksum

SHA256

1ec91724b224bd2d73b8909d3783f773acf135e6aa4f0f83c83dece3b4dd857b  fleetctl_v4.0.1_windows.zip
25c9c6e28f25962bd95e890594592d9642f209593c6649bd9de1ca2fb4619713  fleetctl_v4.0.1_macos.zip
63318adf2b6ae4fc3c9a88320da995cffffc48f7e9e0c3ac30fb7a0aa4b49064  fleetctl_v4.0.1_windows.tar.gz
7b854e37fb548a8130eacd45e7e3ba7b1b9fd4f226bb34d9de72cf56078d78cb  fleet_v4.0.1_macos.tar.gz
9e1688e8c14c70c4897454129a60f33b8dcd49177536754e2bdfbfc2b5b91429  fleetctl_v4.0.1_linux.tar.gz
9fc647796dafc64a6c04e47564c20b3931c4833ffaf2d98c8fbf276ab2ba7a62  fleet_v4.0.1_linux.tar.gz
b7a0faf0a8719954dc444151c777c61d6c099a7642e9e14e5208f4f5f7335d8f  fleetctl_v4.0.1_macos.tar.gz
decfc28652a4fd1612760abb9d0666ffadd4cc5af3662e412499bc20d0eaeb64  fleetctl_v4.0.1_linux.zip
ed0bc2d69cc5a398a9b26f67cbd70941ed87e1bc11ba744b2e0e7532f563278b  fleet_v4.0.1_windows.zip

Docker images

  • docker pull fleetdm/fleetctl:v4.0.1
  • docker pull fleetdm/fleetctl:v4.0.1
  • docker pull fleetdm/fleetctl:v4
  • docker pull fleetdm/fleet:v4.0.1
  • docker pull fleetdm/fleet:v4.0.1
  • docker pull fleetdm/fleet:v4
Loading

v4.0.0

29 Jun 18:54
@github-actions github-actions
v4.0.0
b9dfbf0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.0.0

Changes

The primary additions in Fleet 4.0.0 are the new Role-based access control (RBAC) and Teams features.

RBAC adds the ability to define a user's access to features in Fleet. This way, more individuals in an organization can utilize Fleet with appropriate levels of access.

Teams adds the ability to separate hosts into exclusive groups. This way, users can easily act on consistent groups of hosts.

New features breakdown

  • Add ability to define a user's access to features in Fleet by introducing the Admin, Maintainer, and Observer roles. Available in Fleet Core.

  • Add ability to separate hosts into exclusive groups with the Teams feature. The Teams feature is available for Fleet Basic customers. Check out the list below for the new functionality included with Teams:

  • Teams: Add ability to enroll hosts to one team using team specific enroll secrets.

  • Teams: Add ability to manually transfer hosts to a different team in the Fleet UI.

  • Teams: Add ability to apply unique agent options to each team. Note that "osquery options" have been renamed to "agent options."

  • Teams: Add ability to grant users access to one or more teams. This allows you to define a user's access to specific groups of hosts in Fleet.

  • Add ability to create an API-only user. API-only users cannot access the Fleet UI. These users can access all Fleet API endpoints and fleetctl features. Available in Fleet Core.

  • Add Redis cluster support. Available in Fleet Core.

  • Fix a bug that prevented the columns chosen for the "Hosts" table from persisting after logging out of Fleet.

Breaking changes

Fleet 4.0.0 is a major release and introduces several breaking changes and database migrations. The following sections call out changes to consider when upgrading to Fleet 4.0.0:

  • The structure of Fleet's .tar.gz and .zip release archives have changed slightly. Deployments that use the binary artifacts may need to update scripts or tooling. The fleetdm/fleet Docker container maintains the same API.

  • The username artifact has been removed in favor of the more recognizable name (Full name). As a result, users can no longer log in with the username artifact and must instead use the email artifact. In addition, SAML SSO users may need to update their username mapping to match user emails (a common SAML property for this mapping is NameID). Note that upon upgrading to Fleet 4.0.0, existing users will have the name field populated with username.

  • Use strictly fleet in Fleet's configuration, API routes, and environment variables. Users must update all usage of kolide in these items (deprecated since Fleet 3.8.0).

  • Change your SAML SSO URI to use fleet instead of kolide. This is due to the changes to Fleet's API routes outlined in the section above.

  • Change configuration option server_tlsprofile to server_tls_compatibility. This option previously had an inconsistent key name.

  • Replace the use of the api/v1/fleet/spec/osquery/options with api/v1/fleet/config. In Fleet 4.0.0, "osquery options" are now called "agent options." The new agent options are moved to the Fleet application config spec file and the api/v1/fleet/config API endpoint. In addition, the options yaml document has been removed. Agent options can now be configured using the agent_options key in the config yaml document.

  • Enroll secrets no longer have "names" and are now either global or for a specific team. Hosts no longer store the “name” of the enroll secret that was used. Users that want to be able to segment hosts (for configuration, queries, etc.) based on the enrollment secret should use the Teams feature in Fleet Premium.

  • JWT encoding is no longer used for session keys. Sessions now default to expiring in 4 hours of inactivity. auth_jwt_key and auth_jwt_key_file are no longer accepted as configuration.

  • As of Fleet 4.0.0, Fleet Device Management Inc. periodically collects anonymous information about your instance. Sending usage statistics is turned off by default for users upgrading from a previous version of Fleet. Read more about the exact information collected here.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/v4.0.0/docs/README.md

Binary Checksum

SHA256

06ac4b3842630147308cde2db5cf7cb6148f8eebd42aeaf1adbb3dc923307b47  fleet_v4.0.0_macos.tar.gz
1d0d1554c263bfec7910ce517d0e2d569d044beead86047100de0cb19a5d6991  fleetctl_v4.0.0_macos.tar.gz
27bede60f2dfa5130c37e697dc6f1ba95031a10dabd90690ec3bebc3481fde11  fleetctl_v4.0.0_linux.tar.gz
297f98211dc4aad297dec1c5fbe0e19e32c1dcb8502f6b7bdbd9052d2346e5cf  fleetctl_v4.0.0_windows.tar.gz
4234921c3b2543c03c18656a07899d7f68223ebf4a2262d38e76354a458a2da1  fleet_v4.0.0_windows.zip
7ce013a33e17d800756f001962a74720c7e47fb057f1f32cd37171b7e2dada74  fleetctl_v4.0.0_macos.zip
9131394e823bc63893a190f91181024e69f82a6af82ac423ff221e9f93b3dbf7  fleet_v4.0.0_linux.tar.gz
de1ec4c8652da0542f2abb990b41afacca7f44f59d17e8253e6f10ffe40ec423  fleetctl_v4.0.0_linux.zip
f44ec77ca0db1546824b8064eedeccf88a94ed9215a6761e8aef55f701952df3  fleetctl_v4.0.0_windows.zip

Docker images

  • docker pull fleetdm/fleetctl:v4.0.0
  • docker pull fleetdm/fleetctl:v4.0.0
  • docker pull fleetdm/fleetctl:v4
  • docker pull fleetdm/fleet:v4.0.0
  • docker pull fleetdm/fleet:v4.0.0
  • docker pull fleetdm/fleet:v4
Loading

v4.0.0-rc3

28 Jun 18:21
@github-actions github-actions
v4.0.0-rc3
df2c45f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.0.0-rc3 Pre-release
Pre-release

Docker images

  • docker pull fleetdm/fleetctl:v4.0.0-rc3
  • docker pull fleetdm/fleetctl:v4.0.0-rc3
  • docker pull fleetdm/fleetctl:v4
  • docker pull fleetdm/fleet:v4.0.0-rc3
  • docker pull fleetdm/fleet:v4.0.0-rc3
  • docker pull fleetdm/fleet:v4
Loading

v4.0.0-rc2

18 Jun 21:06
@noahtalerman noahtalerman
v4.0.0-rc2
62e7c16
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.0.0-rc2 Pre-release
Pre-release

Changes

The primary additions in Fleet 4.0.0 are the new Role-based access control (RBAC) and Teams features.

RBAC adds the ability to define a user's access to features in Fleet. This way, more individuals in an organization can utilize Fleet with appropriate levels of access.

Teams adds the ability to separate hosts into exclusive groups. This way, users can easily act on consistent groups of hosts.

New features breakdown

  • Add ability to define a user's access to features in Fleet by introducing the Admin, Maintainer, and Observer roles. Available in Fleet Core.

  • Add ability to separate hosts into exclusive groups with the Teams feature. The Teams feature is available for Fleet Basic customers. Check out the list below for the new functionality included with Teams:

  • Teams: Add ability to enroll hosts to one team using team specific enroll secrets.

  • Teams: Add ability to manually transfer hosts to a different team in the Fleet UI.

  • Teams: Add ability to apply unique agent options to each team. Note that "osquery options" have been renamed to "agent options."

  • Teams: Add ability to grant users access to one or more teams. This allows you to define a user's access to specific groups of hosts in Fleet.

  • Add ability to create an API-only user. API-only users cannot access the Fleet UI. These users can access all Fleet API endpoints and fleetctl features. Available in Fleet Core.

  • Add Redis cluster support. Available in Fleet Core.

  • Fix a bug that prevented the columns chosen for the "Hosts" table from persisting after logging out of Fleet.

Upgrade plan

Fleet 4.0.0 is a major release and introduces several breaking changes and database migrations.

  • Use strictly fleet in Fleet's configuration, API routes, and environment variables. Users must update all usage of kolide in these items (deprecated since Fleet 3.8.0).

  • Change configuration option server_tlsprofile to server_tls_compatability. This option previously had an inconsistent key name.

  • Replace the use of the api/v1/fleet/spec/osquery/options with api/v1/fleet/config. In Fleet 4.0.0, "osquery options" are now called "agent options." The new agent options are moved to the Fleet application config spec file and the api/v1/fleet/config API endpoint.

  • Enroll secrets no longer have "names" and are now either global or for a specific team. Hosts no longer store the “name” of the enroll secret that was used. Users that want to be able to segment hosts (for configuration, queries, etc.) based on the enrollment secret should use the Teams feature in Fleet Basic.

  • auth_jwt_key and auth_jwt_key_file are no longer accepted as configuration.

  • JWT encoding is no longer used for session keys. Sessions now default to expiring in 4 hours of inactivity.

Known issues

There are currently no known issues in this release. However, we recommend only upgrading to Fleet 4.0.0-rc2 for testing purposes. Please file a GitHub issue for any issues discovered when testing Fleet 4.0.0!

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/v4.0.0-rc2/docs/README.md

Binary Checksum

SHA256

33f8ae90fa0f508200f632516374226cfc6485112ca1982390b52fb9f611fbbb  fleet.zip
dbacbc93048e00676ea9986ed9a1f5697f965e3bec5d988b64c3f4ae53ff54b4  fleetctl.exe.zip
9d6be11444a0e2d9170b690aba969afdfef3782fd4defaa030812c10af492e6f  fleetctl-macos.tar.gz
7107330a59dd413769a4bb476495e98b55068b2f46f99813450a1ad9991a34d1  fleetctl-windows.tar.gz
7a3b9d6eebf48fd9862785dd6c42391a37bb955ca108c39dde802dce096d67e1  fleetctl-linux.tar.gz
Loading

v4.0.0-rc1

10 Jun 16:33
@noahtalerman noahtalerman
v4.0.0-rc1
6040f88
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.0.0-rc1 Pre-release
Pre-release

Changes

The primary additions in Fleet 4.0.0 are the new Role-based access control (RBAC) and Teams features.

RBAC adds the ability to define a user's access to information and features in Fleet. This way, more individuals in an organization can utilize Fleet with appropriate levels of access. Check out the permissions documentation for a breakdown of the new user roles and their respective capabilities.

Teams adds the ability to separate hosts into exclusive groups. This way, users can easily observe and apply operations to consistent groups of hosts. Read more about the Teams feature in the documentation here.

There are several known issues that will be fixed for the stable release of Fleet 4.0.0. Therefore, we recommend only upgrading to Fleet 4.0.0 RC1 for testing purposes. Please file a GitHub issue for any issues discovered when testing Fleet 4.0.0!

New features breakdown

  • Add ability to define a user's access to information and features in Fleet by introducing the Admin, Maintainer, and Observer roles.

  • Add ability to separate hosts into exclusive groups with the Teams feature. The Teams feature is available for Fleet Basic customers. Check out the list below for the new functionality included with Teams:

  • Add ability to enroll hosts to one team using team specific enroll secrets.

  • Add ability to manually transfer hosts to a different team in the Fleet UI.

  • Add ability to apply unique agent options to each team. Note that "osquery options" have been renamed to "agent options."

  • Add ability to grant users access to one or more teams. This allows you to define a user's access to specific groups of hosts in Fleet.

Upgrade plan

Fleet 4.0.0 is a major release and introduces several breaking changes and database migrations.

  • Use strictly fleet in Fleet's configuration, API routes, and environment variables. This means that you must update all usage of kolide in these items. The backwards compatibility introduced in Fleet 3.8.0 is no longer valid in Fleet 4.0.0.

  • Change configuration option server_tlsprofile to server_tls_compatability. This options previously had an inconsistent key name.

  • Replace the use of the api/v1/fleet/spec/osquery/options with api/v1/fleet/config. In Fleet 4.0.0, "osquery options" are now called "agent options." The new agent options are moved to the Fleet application config spec file and the api/v1/fleet/config API endpoint.

  • Enroll secrets no longer have "names" and are now either global or for a specific team. Hosts no longer store the “name” of the enroll secret that was used. Users that want to be able to segment hosts (for configuration, queries, etc.) based on the enrollment secret should use the Teams feature in Fleet Basic.

  • auth_jwt_key and auth_jwt_key_file are no longer accepted as configuration.

  • JWT encoding is no longer used for session keys. Sessions now default to expiring in 4 hours of inactivity.

Known issues

  • Query packs cannot be targeted to teams.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for this release can be found at https://github.com/fleetdm/fleet/blob/v4.0.0-rc1/docs/README.md

Binary Checksum

SHA256

9e6e4db4fdb9e43e43235a0b2ad505bf03883394efd80af192e546cfcf3b3d1e  fleet.zip
bdc8aa4d62fc10777cdc34a9104a9e5ff69235179f4945393aa9580769770c19  fleetctl.exe.zip
350cc1b11b2b747714f80469b9c7cde6a3d6abae9db64530ee2194e82ad83208  fleetctl-macos.tar.gz
543c5365716f08545ead4a0b07563eb3788d38ff7a54afc7c86b5f4f36694e0e  fleetctl-windows.tar.gz
409baadf4b263625124695835df12d4743c1b673e24353c77b51da6b9e2209a4  fleetctl-linux.tar.gz
Loading