search

Joining Hosts to Fleet

Guide on How to Join OSQuery Hosts to Fleet

hashtag
How to Join a Windows OSQuery Hosts

Navigate to the Fleet website, log in as the admin user, go to hosts and select "Add new host". Download the Enroll Secret, Server Certificate, and Flag File.

Fleet Files

Next, open an administrator PowerShell Window so that files can be moved to where they need to be placed.

Next, edit 'C:\Program Files\osquery\osquery.flags' to ensure that the first three lines of it look like this.

Note: Be sure to use the full path names for the enroll secret path and TLS server certificate. Be sure to put in IP address of server hosting FleetDM for TLS hostname as well.

The rest of the lines in the flag file are good to be set with the defaults. Finally, Restart or Start the osqueryd service.

Now, the Windows 10 Host should be on the list of hosts on FleetDM like below!

Windows 10 Host Joined

hashtag
How to Join a Linux OSQuery Host

In order to join a Linux OSQuery host, get the server certificate, enrollment secret, and OSQuery flag files all set up in /etc/osquery/.

Make sure to edit the osquery.flags file so that the FleetDM FQDN is inserted in {{ fleetdm_fqdn }} and the FleetDM port is inserted in {{ fleetdm_port }}. After this, restart the OSQuery service to join the host.

Linux Host Joined
PreviousFleetDM SetupNextCreating New Queries on Fleet

Last updated