Welcome to the documentation for Fleet, the lightweight management platform for laptops and servers.
Can't find what you're looking for? Support
Fleet is the most widely used open source osquery manager in the world. Fleet enables programmable live queries, streaming logs, and realtime visibility of 100,000+ servers, containers, and laptops. It's especially useful for IT, security, and compliance use cases.
The Fleet application contains two single static binaries which provide web based administration, REST API, and CLI interface to Fleet.
The fleet
binary contains:
The fleetctl
binary is the CLI interface which allows management of your deployment, scriptable live queries, and easy integration into your existing logging, alerting, reporting, and management infrastructure.
Both binaries are available for download from our repo.
If you'd like to try Fleet on your laptop, we recommend Fleet Sandbox.
If you want to enroll real hosts or deploy to a more scalable environment, we recommend deploying Fleet to a server.
Fleet currently has three infrastructure dependencies: MySQL, Redis, and a TLS certificate.
Fleet uses MySQL extensively as its main database. Many cloud providers (such as AWS and GCP) host reliable MySQL services which you may consider for this purpose. A well supported MySQL Docker image also exists if you would rather run MySQL in a container. For more information on how to configure the fleet
binary to use the correct MySQL instance, see the Configuration document.
Fleet requires at least MySQL version 5.7.
Fleet uses Redis to ingest and queue the results of distributed queries, cache data, etc. Many cloud providers (such as AWS and GCP) host reliable Redis services which you may consider for this purpose. A well supported Redis Docker image also exists if you would rather run Redis in a container. For more information on how to configure the fleet
binary to use the correct Redis instance, see the Configuration document.
In order for osqueryd clients to connect, the connection to Fleet must use TLS. The TLS connection may be terminated by Fleet itself, or by a proxy serving traffic to Fleet.
fleet.example.com
should match a SAN of *.example.com
--tls_server_certs
flag.Below are some projects created by Fleet community members. These projects provide additional solutions for deploying Fleet. Please submit a pull request if you'd like your project featured.
If you notice something we've missed or could be improved on, please follow this link and submit a pull request to the Fleet repo.
Back to top