You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: articles/filtering-software-by-vulnerability.md
+20-6
Original file line number
Diff line number
Diff line change
@@ -13,21 +13,35 @@ This filtering capability is particularly useful in environments where patch man
13
13
* Fleet version 4.56 or later
14
14
* Premium users have access to advanced filters by severity level and known exploited vulnerabilities
15
15
16
-
### Filtering Software by Vulnerability
16
+
### Filtering software by vulnerability
17
17
18
18
1.**Navigate to the Software page**: In your Fleet dashboard, go to the **Software** tab. This will display a list of all the software detected in your environment.
19
19
20
-
2.**Add filters**: Click on the **Add Filters** button. This will open options for filtering the software list based on specific criteria.
20
+
2.**Filtering by vulnerability name**: You can use the search bar to filter software by its name or by a CVE vulnerability name associated with it.
21
21
22
-
3.**Choose severity level**: From the dropdown menu, select the **Severity level**of vulnerabilities you're interested in. This allows you to focus on software with the highest severity of vulnerabilities, such as "Critical" or "High."
22
+
3.**Add filters**: Click on the **Add Filters**button. This will open options for filtering the software list based on specific criteria.
23
23
24
-
4.**Toggle "Has known exploit"**: You can refine your filter by toggling the **Has known exploit**option. This will filter the software list to show only those with vulnerabilities that have known exploits, enabling you to prioritize these for patching.
24
+
4.**Choose severity level**: From the dropdown menu, select the **Severity level**of vulnerabilities you're interested in. This allows you to focus on software with the highest severity of vulnerabilities, such as "Critical" or "High."
25
25
26
-
5.**Review filtered results**: Once you've applied your filters, the software list will update to show only the software that meets your criteria. This filtered view will help you prioritize which software needs immediate attention in your patching strategy.
26
+
5.**Toggle "Has known exploit"**: You can refine your filter by toggling the **Has known exploit** option. This will filter the software list to show only those with vulnerabilities that have known exploits, enabling you to prioritize these for patching.
27
+
28
+
6.**Review filtered results**: Once you've applied your filters, the software list will update to show only the software that meets your criteria. This filtered view will help you prioritize which software needs immediate attention in your patching strategy.
29
+
30
+
### Filtering software by vulnerability on the Host details page
31
+
32
+
In Fleet version 4.66 or later, the same vulnerability filtering functionality is available on the Host details page. To access this:
33
+
34
+
1.**Navigate to the Hosts page**: In your Fleet dashboard, go to the **Hosts** tab.
35
+
36
+
2.**Select a host**: Click on a particular host to view its details.
37
+
38
+
3.**Access the Software tab**: On the Host details page, click on the **Software** tab. This will display a list of all software detected on the host.
39
+
40
+
4.**Filter software**: Follow steps 3 through 6 from the previous section to filter software by severity, known exploit, etc.
27
41
28
42
### Using the REST API to filter software for vulnerabilities
29
43
30
-
Fleet provides a REST API to filter software for vulnerabilities, allowing you to integrate this functionality into your automated workflows. Learn more about Fleet's [REST API](https://fleetdm.com/docs/rest-api/rest-api#vulnerabilities).
44
+
Fleet provides a REST API to filter software for vulnerabilities, allowing you to integrate this functionality into your automated workflows. You can use the [REST API documentation for vulnerabilities](https://fleetdm.com/docs/rest-api/rest-api#vulnerabilities) to get started, and the [get host's software](https://fleetdm.com/docs/rest-api/rest-api#get-hosts-software) endpoint to retrieve software information for specific hosts.
Copy file name to clipboardexpand all lines: articles/queries.md
+5
Original file line number
Diff line number
Diff line change
@@ -32,6 +32,11 @@ How to create a query:
32
32
33
33
4. Select **Save**, enter a name and description for your query, select the frequency that the query should run at, and select **Save query**.
34
34
35
+
## Targeting hosts using labels
36
+
37
+
_Available in Fleet Premium._
38
+
39
+
When creating or editing a query, you can restrict the set of hosts that it will run on by using [labels](https://fleetdm.com/guides/managing-labels-in-fleet). By default, a new query will target all hosts, indicated by the **All Hosts** option being selected beneath the **Targets** setting. If you select **Custom** instead, you will be able to select one or more labels for the query to target. Note that the query will run on any host that matches __any__ of the selected labels. To learn more about labels, see [Managing labels in Fleet](https://fleetdm.com/guides/managing-labels-in-fleet).
Copy file name to clipboardexpand all lines: articles/secrets-in-scripts-and-configuration-profiles.md
+1-1
Original file line number
Diff line number
Diff line change
@@ -83,7 +83,7 @@ The dollar sign (`$`) can be escaped so it's not considered a variable by using
83
83
84
84
## Known limitations and issues
85
85
86
-
- Windows profiles are currently not re-sent to the device when the GitHub action (or GitLab pipeline) runs: [issue #25030](https://github.com/fleetdm/fleet/issues/25030)
86
+
- After changing a secret used by a Windows profile, that profile is currently not re-sent to the device when the GitHub action (or GitLab pipeline) runs: [story #27351](https://github.com/fleetdm/fleet/issues/27351)
87
87
- Fleet does not hide the secret in script results. DO NOT print/echo your secrets to the console output.
88
88
- There is no way to explicitly delete a secret variable. Instead, you can overwrite it with any value.
89
89
- Do not use deprecated API endpoint(s) to upload profiles containing secret variables. Use endpoints documented in [Fleet's REST API](https://fleetdm.com/docs/rest-api/rest-api).
0 commit comments